Премини към съдържанието

Препоръчан отговор


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-04-2017
Ran by Teodor (administrator) on DESKTOP-C04JVK0 (29-04-2017 08:51:07)
Running from C:\Users\Teodor\Desktop
Loaded Profiles: Teodor (Available Profiles: Teodor)
Platform: Windows 10 Pro (X64) Language: Български (България)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) D:\NOD32\ekrn.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\Windows\KMS-R@1n.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Windows\System32\vmms.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(ESET) D:\NOD32\egui.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Apple Inc.) D:\iTunes\iTunesHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Dassault Systèmes SolidWorks Corp.) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldworks_fs.exe
(Facebook) C:\Users\Teodor\AppData\Local\Facebook\Games\FacebookGameroom.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.17020_none_1152834562020692\TiWorker.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Users\Teodor\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
(The CefSharp Authors) C:\Users\Teodor\AppData\Local\Facebook\Games\Facebook Gameroom Browser.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
() C:\Windows\KMS-R@1nHook.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\ielowutil.exe
() C:\Users\Teodor\AppData\Local\NVIDIA\NvBackend\Packages\0000a078\DAO.22041540.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => D:\iTunes\iTunesHelper.exe [303928 2017-03-22] (Apple Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [28344536 2017-04-26] (Dropbox, Inc.)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk Inc.)
HKLM-x32\...\Run: [RaidCall] => D:\RAIDCALL\RaidCall.RU\raidcall.exe [5160360 2016-10-13] (RAIDCALL.COM)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-09-28] (Qualcomm®Atheros®)
HKU\S-1-5-21-3485102214-934059291-1202068717-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-3485102214-934059291-1202068717-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-03-23] (Valve Corporation)
HKU\S-1-5-21-3485102214-934059291-1202068717-1001\...\Run: [AsDriverCD] => C:\Windows\Temp\AsInsWizMonitor.exe [617072 2013-06-03] (ASUSTek Computer INC.) <===== ATTENTION
HKU\S-1-5-21-3485102214-934059291-1202068717-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3485102214-934059291-1202068717-1001\...\MountPoints2: {210478a9-6af3-11e6-8d78-2c56dc046cf9} - "F:\Autorun.exe"
HKU\S-1-5-21-3485102214-934059291-1202068717-1001\...\MountPoints2: {306a7859-77c1-11e6-8d80-2c56dc046cf9} - "G:\RunGame.exe"
HKU\S-1-5-21-3485102214-934059291-1202068717-1001\...\MountPoints2: {306a79b7-77c1-11e6-8d80-2c56dc046cf9} - "H:\RunGame.exe"
HKU\S-1-5-21-3485102214-934059291-1202068717-1001\...\MountPoints2: {47cdc656-b828-11e6-8d9e-2c56dc046cf9} - "I:\RunGame.exe"
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nHook.exe
IFEO\SppExtComObj.exe: [Debugger] KMS-R@1nHook.exe
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsDesktop.scf [2017-01-28] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2016 Fast Start.lnk [2017-03-14]
ShortcutTarget: SOLIDWORKS 2016 Fast Start.lnk -> C:\Windows\Installer\{768F3B65-1695-47B7-9002-B11400CB111D}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)
Startup: C:\Users\Teodor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2017-03-18]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\Teodor\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook)
GroupPolicy: Restriction <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 212.39.90.42 8.8.8.8
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{330d4992-fc99-409a-af91-14a2eb0ae931}: [DhcpNameServer] 82.163.143.157
Tcpip\..\Interfaces\{43d1c7c0-f5f7-4315-9248-589adf112606}: [DhcpNameServer] 212.39.90.42 8.8.8.8
Tcpip\..\Interfaces\{7b6ffddd-7e3e-43b4-a345-d36bae5a9631}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3485102214-934059291-1202068717-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2017-03-14] (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> D:\VisualStudio\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2013-10-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-26] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-26] (Oracle Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-3485102214-934059291-1202068717-1001 -> hxxp://www.google.com

FireFox:
========
FF DefaultProfile: ola3y0kg.default
FF ProfilePath: C:\Users\Teodor\AppData\Roaming\Mozilla\Firefox\Profiles\ola3y0kg.default [2017-04-29]
FF Extension: (ABV Notifier) - C:\Users\Teodor\AppData\Roaming\Mozilla\Firefox\Profiles\ola3y0kg.default\Extensions\abvnotifier@netinfo.bg.xpi [2016-10-13]
FF Extension: (YouTube mp3) - C:\Users\Teodor\AppData\Roaming\Mozilla\Firefox\Profiles\ola3y0kg.default\Extensions\info@youtube-mp3.org.xpi [2016-10-08]
FF Extension: (Adblock Plus) - C:\Users\Teodor\AppData\Roaming\Mozilla\Firefox\Profiles\ola3y0kg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - D:\NOD32\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_148.dll [2017-04-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-11] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Teodor\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2013-03-30] (Raidcall)
FF Plugin-x32: @raidcall.tw/RCplugin -> C:\Users\Teodor\AppData\Roaming\RCTW\plugins\nprcplugin.dll [2013-06-25] (Raidcall)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np32dsw.dll [2003-02-11] (Macromedia, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-12] (Microsoft Corporation)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [322176 2014-09-28] (Windows (R) Win 7 DDK provider) [File not signed]
S2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2016-10-04] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-23] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-23] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [48944 2017-04-26] (Dropbox, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272560 2015-05-21] (Disc Soft Ltd)
R2 ekrn; D:\NOD32\ekrn.exe [2624856 2017-03-09] (ESET)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1394360 2016-08-25] (Intel Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [File not signed]
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373728 2017-01-26] (Intel Corporation)
S2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe [14760 2013-01-01] (Microsoft Corporation)
R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2017-04-03] () [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [492480 2017-03-28] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [492480 2017-03-28] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-04-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-03-28] (NVIDIA Corporation)
S3 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [183112 2016-12-03] ()
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2016-11-16] (SolidWorks) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
R2 vmms; C:\Windows\system32\vmms.exe [12911104 2017-03-28] (Microsoft Corporation)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2016-10-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2017-03-28] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-09-28] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\System32\drivers\athw10x.sys [4334232 2016-08-25] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [98296 2015-12-14] (ASUS Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-09-28] (Qualcomm Atheros)
R1 cryptfd; C:\Windows\System32\drivers\cryptfd.sys [193448 2017-03-03] ()
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [53752 2016-08-25] (Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [50696 2016-08-25] (Intel Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-08-26] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [132848 2017-03-09] (ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [14880 2017-03-09] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [178056 2017-03-09] (ESET)
R1 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [77224 2017-03-09] (ESET)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [261624 2016-08-25] (Intel Corporation)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331608 2014-07-17] (SafeNet Inc.)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [54736 2017-03-11] ()
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-03-10] (REALiX(tm))
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [88256 2016-08-25] (Intel Corporation)
S3 lunparser; C:\Windows\System32\drivers\lunparser.sys [20992 2016-10-04] (Microsoft Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2017-03-14] (Malwarebytes)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47552 2017-03-28] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-02-23] (NVIDIA Corporation)
S3 passthruparser; C:\Windows\System32\drivers\passthruparser.sys [22528 2016-10-04] (Microsoft Corporation)
S3 pvhdparser; C:\Windows\System32\drivers\pvhdparser.sys [49152 2016-10-04] (Microsoft Corporation)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-06-18] (Realtek                                            )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [422656 2016-08-25] (Realsil Semiconductor Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [214016 2015-07-10] (Microsoft Corporation)
R3 Synth3dVsp; C:\Windows\System32\drivers\synth3dvsp.sys [101888 2016-10-04] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 vhdparser; C:\Windows\System32\drivers\vhdparser.sys [26112 2016-10-04] (Microsoft Corporation)
R2 VMSP; C:\Windows\System32\drivers\vmswitch.sys [882176 2017-03-28] (Microsoft Corporation)
S3 VMSVSF; C:\Windows\System32\drivers\vmswitch.sys [882176 2017-03-28] (Microsoft Corporation)
S3 VMSVSP; C:\Windows\System32\drivers\vmswitch.sys [882176 2017-03-28] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-03-11] (Zemana Ltd.)
S3 cpuz140; \??\C:\Users\Teodor\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [X] <==== ATTENTION
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]

========================== Drivers MD5 =======================

C:\Windows\System32\drivers\1394ohci.sys 22CE801AD25C51E2553F41A076BB0CB2
C:\Windows\System32\drivers\3ware.sys 2C49A2441EBB24C6ACFB524C1459115F
C:\Windows\System32\drivers\ACPI.sys B87D3D07FE6F15328C6860D542F0E2BD
C:\Windows\System32\Drivers\acpiex.sys 1E3C4EDBB7F3F668B7205E351010BB79
C:\Windows\System32\drivers\acpipagr.sys 13B1C26AEDCB40082CDD97506F968129
C:\Windows\System32\drivers\acpipmi.sys B3D64FF927D611721DA73A61BF3A18B3
C:\Windows\System32\drivers\acpitime.sys 19F793B2203D94AC1F8AEDB08B494E2E
C:\Windows\System32\drivers\ADP80XX.SYS 2A24E10C1A1DE0E0035E353EED494A1C
C:\Windows\system32\drivers\afd.sys A3D96563BF46FC8A0E5756B796127D14
C:\Windows\System32\drivers\agp440.sys EF09D07626820F7F89519514C17FE768
C:\Windows\System32\DRIVERS\ahcache.sys D9C5A492A28F4DBA9B2B2EA157B46B58
C:\Windows\system32\DRIVERS\AiCharger.sys 16F6F6B7903B913AB41AB848C8BB5658
C:\Windows\system32\drivers\aksdf.sys 3190C577746303CA4C65114441192FE2
C:\Windows\system32\drivers\aksfridge.sys 2845A05E5AF65B5C7A143D637F08496D
C:\Windows\System32\drivers\amdk8.sys 6763084E8322A4876D1613854640F914
C:\Windows\System32\drivers\amdppm.sys DE29D8AB57AD67D4940CAB4A48B3E230
C:\Windows\System32\drivers\amdsata.sys 4C1F9BBAF5CCD76D4642F3B92B97B454
C:\Windows\System32\drivers\amdsbs.sys F8195C1A15955180DD663E7FF4C2F6DD
C:\Windows\System32\drivers\amdxata.sys DD2F5BBCFAC4D8E48DB1A95A7EEBFF08
C:\Windows\system32\drivers\appid.sys 46AAF119090573A80D603745582229ED
C:\Windows\System32\drivers\arcsas.sys 0756EECAC010BE449D07502DF27E7701
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys 4C016FD76ED5C05E84CA8CAB77993961
C:\Windows\System32\drivers\asyncmac.sys A5792F971EFE86B7F56EE7299ED1082B
C:\Windows\System32\drivers\atapi.sys 8921DF6060DB5C7700AA48CB12E9EA08
C:\Windows\system32\DRIVERS\btath_flt.sys 8302D313DCC5536FE6BFB85165D9BB1E
C:\Windows\System32\drivers\athw10x.sys 238D669CE5F661F1E9A8CD19CB13A304
C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys C435191FAD19B43E5C3082E4275DCE75
C:\Windows\System32\drivers\AsusTP.sys 6B3143F179EB81EB72A914EE5675F192
C:\Windows\System32\drivers\bxvbda.sys 00D64E82900E4EC9062805ED87C2D75A
C:\Windows\System32\drivers\BasicDisplay.sys 5164A66EC1565711A7B4CF2F143B4979
C:\Windows\System32\drivers\BasicRender.sys 694877414E321A4C4C65C7B1CD6B15F5
C:\Windows\System32\drivers\bcmfn2.sys 25349D0B334E528667980948ED107D89
C:\Windows\System32\Drivers\Beep.sys 1E8A9267F8886803AAE02982FC1B5BC4
C:\Windows\System32\DRIVERS\bowser.sys D37D5D60B531A6AEDCE82F949E5DE1FF
C:\Windows\system32\drivers\btath_a2dp.sys EEFEE4EB812A4F8288424E823C042B9B
C:\Windows\system32\drivers\btath_avdt.sys 5EA46680997EB8D819B199641BE83F79
C:\Windows\System32\drivers\btath_bus.sys AF7DEA6A0E93AF8517A310D189B656BE
C:\Windows\System32\drivers\btath_hcrp.sys 4AF7C20F94DAC343C01ED671C82DCB99
C:\Windows\system32\DRIVERS\btath_lwflt.sys 785C38070043BEEE9E9D591DE4067244
C:\Windows\System32\drivers\btath_rcp.sys 859A116D748FBA603AF94C251DC5CF97
C:\Windows\system32\DRIVERS\btfilter.sys 7E786C64398F965346DDD56264F2A262
C:\Windows\System32\drivers\BthAvrcpTg.sys 20EE9320D385FE575E13189606F135D7
C:\Windows\System32\drivers\BthEnum.sys 74C9D52F3F594529465E18B2BFF80487
C:\Windows\System32\drivers\bthhfenum.sys 647E2A425AD43637EAA01096A58B7089
C:\Windows\System32\drivers\BthHFHid.sys B95040CAD3434D9EE003065363A0FAFF
C:\Windows\System32\drivers\BthLEEnum.sys 10C7E03E6DF231F26136C5C7BADEF3FC
C:\Windows\System32\drivers\bthmodem.sys 29AEE352AED4FCD2191436D263D75347
C:\Windows\System32\drivers\bthpan.sys 38C97371F058E889F730BF35530732F4
C:\Windows\System32\Drivers\BTHport.sys FCC211B0F46D831506D0D76539203899
C:\Windows\System32\Drivers\BTHUSB.sys 5866AE46EEF644E6DE5C95942AE419D7
C:\Windows\System32\drivers\buttonconverter.sys 854AF190F55E6D70EC65A85798F896E2
C:\Windows\System32\drivers\capimg.sys A10A1E05A943B10ECE5D57D131B7404D
C:\Windows\System32\DRIVERS\cdfs.sys F2829DC6D292DCAC5029893BB2E9FEE3
C:\Windows\System32\drivers\cdrom.sys CA160E02F35A61C6F5C681FB4669C519
C:\Windows\System32\drivers\circlass.sys 60D7D304DF75DFF6A46CF633F583B592
C:\Windows\System32\drivers\CLFS.sys 0923051A2D32A7DDAAB95AF4832E044B
C:\Windows\System32\drivers\CmBatt.sys 8EBA63416EC166EBA6EF6D34A505D8C8
C:\Windows\System32\Drivers\cng.sys 40D1594E85C5CD0472CB38135730FA67
C:\Windows\System32\DRIVERS\cnghwassist.sys 5EEA0856000F81B3D709BC81B3AA1EF2
C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys 74CD3BF688E2B408227FE012A2F2D8ED
C:\Windows\System32\drivers\condrv.sys D38774D1D383A2CDB9A4F64B7206913B
C:\Windows\System32\drivers\cryptfd.sys 373EC45C5E2E4C31D9A9BEDC084655E3
C:\Windows\System32\drivers\csc.sys 838755238B2BAE5A4802B038443B8A22
C:\Windows\System32\drivers\dam.sys F038EAF73AAB72A4A89185A5A7B9FD75
C:\Windows\System32\Drivers\dfsc.sys 777362D3376B232AA38EC9921E9E70F7
C:\Windows\System32\drivers\disk.sys FDCD449AE9E75D7690593D16ADAF4DB4
C:\Windows\System32\drivers\dmvsc.sys F10A8F6D036CEDD14A5471782C52F041
C:\Windows\System32\drivers\dptf_cpu.sys C1283B0BEE35F9AF3511E0EBA71F311C
C:\Windows\System32\drivers\dptf_pch.sys DB81D7A6BD9B191A09199D534E8BBEAB
C:\Windows\system32\drivers\drmkaud.sys 45771610FF181434073B5A0A00F20F8D
C:\Windows\System32\drivers\dtlitescsibus.sys 496C3C6BC3D930D0960C9E75AA30F4A7
C:\Windows\System32\drivers\dxgkrnl.sys 2FE896FE44F19F493B27BE5BB1307373
C:\Windows\System32\DRIVERS\eamonm.sys C3E4C744BABD52F15AB3B64E8CA1C4C2
C:\Windows\System32\drivers\evbda.sys 3070013B01EDA42C7EB67D731340C396
C:\Windows\System32\DRIVERS\eelam.sys ED9A634DBA39221A2D8D57BED5173E87
C:\Windows\system32\DRIVERS\ehdrv.sys 44A43B00191FAE1AFC8C6589041ABF26
C:\Windows\System32\drivers\EhStorClass.sys 59EE187E333EE9914DD9BEA5F4E0D85D
C:\Windows\System32\drivers\EhStorTcgDrv.sys 9297F1CC486F24BDFD2874156AC5430F
C:\Windows\system32\DRIVERS\epfwwfpr.sys 3A6A95DFAA03A800F50824378D925509
C:\Windows\System32\drivers\errdev.sys F7FCCA6300485EF60CEA6D991D6C8C78
C:\Windows\system32\DRIVERS\esif_lf.sys 99984B5D3378F8236F3A85E51ACEDD16
C:\Windows\System32\Drivers\exfat.sys DCCDC3F35F0618692117DF90800A4284
C:\Windows\System32\Drivers\fastfat.sys A85D2E507558ADBCD4668E3D842409D2
C:\Windows\System32\drivers\fdc.sys 583EB1C7690E361213BBD0472155128B
C:\Windows\System32\drivers\filecrypt.sys CDFD81CACE0E11596A3BB61EC4CF6467
C:\Windows\System32\drivers\fileinfo.sys 3F02FEDAE894CBF4BAADDF8C8E1D53A8
C:\Windows\System32\drivers\filetrace.sys 2824933386E30DE5BA089DF539CE19A3
C:\Windows\System32\drivers\flpydisk.sys 6A598249640F8BEDD79EC73917E1664F
C:\Windows\System32\drivers\fltmgr.sys 44B6A6832134DF651E887E941478CA35
C:\Windows\System32\drivers\FsDepends.sys 3F3B9E8CECD5604BC7746EF3A852EB67
C:\Windows\System32\Drivers\Fs_Rec.sys A60583221C7BB7CEC35C63285A297BE1
C:\Windows\System32\DRIVERS\fvevol.sys F7101D3B4E00800E6CEE69F9795B7B62
C:\Windows\System32\drivers\gagp30kx.sys 0DAAE3EFCE00133AB3E383A36C47CDAF
C:\Windows\System32\drivers\vmgencounter.sys F59155B95D01C08F9ED774B626B504A1
C:\Windows\System32\drivers\genericusbfn.sys AE309D8BE2E7D8CCB09D2DD3CA4DAEBD
C:\Windows\System32\Drivers\msgpioclx.sys 96F0D3A583A91B634EE2AC2507356EDC
C:\Windows\System32\drivers\gpuenergydrv.sys 7BF844D362EB746BC7A6DC3F57FA3E32
C:\Windows\system32\drivers\hardlock.sys 3921C845A24C62CA1F44EEF4826263E9
C:\Windows\System32\drivers\HdAudio.sys 16255846494071F5D9C120360158D6EB
C:\Windows\System32\drivers\HDAudBus.sys 0915B65E73B9C73ED11243111C512A4D
C:\Windows\System32\drivers\HidBatt.sys D5A57EF4822A0388352FFF9F5CD53495
C:\Windows\System32\drivers\hidbth.sys 39575B53EB80C77FF2A3F1449D00B7F5
C:\Windows\System32\drivers\hidi2c.sys 35C3B602664116E737FF729F9A7156AD
C:\Windows\System32\drivers\hidinterrupt.sys C4ABE526BBF2A18E8AF70177FBAD9C6E
C:\Windows\System32\drivers\hidir.sys 348416C7D7EB05BC3099FE2F2B27985C
C:\Windows\System32\drivers\AsHIDSwitch64.sys 38DA94B6DD8022DA43810E4328608E54
C:\Windows\System32\drivers\hidusb.sys 01F732724AF6EFE69886DA95A4E51820
C:\Windows\system32\drivers\hitmanpro37.sys E7EF785213EB121023E670B4D28BC745
C:\Windows\System32\drivers\HpSAMD.sys 3844CE7DD23530CAD59D8CABA57CCB05
C:\Windows\System32\drivers\HTTP.sys 870DB31C41E4D04BCDDFC297F64D63D7
C:\Windows\System32\drivers\hvservice.sys 13A05E2E3DCA91463A86770C6BE0A3FA
C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS EF558A02D734A1403583E95CCEEC2487
C:\Windows\System32\drivers\hwpolicy.sys 8841D927EB1F7FFC8B1805BC0CF190ED
C:\Windows\System32\drivers\hyperkbd.sys 53436C3835E80F4421652A67F44D6313
C:\Windows\system32\DRIVERS\HyperVideo.sys B2DC6C2F313EBB967B556B4E73A75451
C:\Windows\System32\drivers\i8042prt.sys D4CDEE4A62BDFFF6E8558A9552148EA7
C:\Windows\System32\drivers\iaLPSSi_GPIO.sys 16A10CCEDCF5AC4CAAE43DC9FC40392F
C:\Windows\System32\drivers\iaLPSSi_I2C.sys F1DF87463AC308047B089E9F0456B4C8
C:\Windows\System32\drivers\iaStorA.sys 9E47BCE5F240C13331A493E156270589
C:\Windows\System32\drivers\iaStorAV.sys 9FDD4763A115D04F565C38183DE4646F
C:\Windows\System32\drivers\iaStorV.sys 4E69EE8F8E5DA036535D433C544AF9E2
C:\Windows\System32\drivers\ibbus.sys 15C59DF20F74A0C2C764B991FED7F4A5
C:\Windows\system32\DRIVERS\igdkmd64.sys 7BA5F6FEAA79BB7C7A635E6B3982A0D3
C:\Windows\system32\drivers\RTKVHD64.sys A15C6143EED6F615C4BBD28796C6BD49
C:\Windows\system32\DRIVERS\IntcDAud.sys A38C7B403BBFD5B30F27C2D6B11AAF25
C:\Windows\System32\drivers\IntelPcc.sys 72586E6D6DD4144D0C4CBD9D2653BBED
C:\Windows\System32\drivers\intelide.sys 498759139F71142888CF7EFA1ABE18C8
C:\Windows\System32\drivers\intelpep.sys DC270DDCDDC2EF65D484A65CC5166222
C:\Windows\System32\drivers\intelppm.sys B4D9C777762B1F7356958B9C0AA93BEB
C:\Windows\System32\drivers\ioqos.sys 22BD83268B80A8C89AAC0BDF46E4EB5D
C:\Windows\System32\DRIVERS\ipfltdrv.sys A49E47A6E1429123F46A7CA9C05AEFC1
C:\Windows\System32\drivers\IPMIDrv.sys E0C276985AF968CE295B8E09C121321F
C:\Windows\System32\drivers\ipnat.sys 5D3744E6FDEC1A6FB3FA9B1DD4AF0694
C:\Windows\System32\drivers\irenum.sys B18202D72C0EF4B53CEC6F59E3E1B955
C:\Windows\System32\drivers\isapnp.sys CD04CBCCCB4C0E4BB06B98E0F45C888A
C:\Windows\System32\drivers\msiscsi.sys 5D90E942C94B20E0F321015C0ABF3EEA
C:\Windows\System32\drivers\kbdclass.sys 4192DFE6CA143C0AD8AF42C51A82BECA
C:\Windows\System32\drivers\kbdhid.sys B63C0DB341DCB46CF7AA259333A737DD
C:\Windows\System32\drivers\kdnic.sys 53C79A7FABDAAFD11EAB31963FB2CED7
C:\Windows\System32\Drivers\ksecdd.sys EDB81E910FC08DB0A02289D9EC7E4058
C:\Windows\System32\Drivers\ksecpkg.sys FE2DCBAD8EB963C2EE25DF8232ABB0B1
C:\Windows\system32\drivers\ksthunk.sys 503597D9B72DBD9998F722F12A51ACFC
C:\Windows\System32\drivers\lltdio.sys DB789F57CE94C827FBFF709CA5ABD29E
C:\Windows\System32\drivers\lsi_sas.sys 3BB39166E446D456C277C17DFEA3DAC6
C:\Windows\System32\drivers\lsi_sas2i.sys 25CF625E46307A5D6674C8DFA1A289AA
C:\Windows\System32\drivers\lsi_sas3i.sys 722C52B12EA4C198D56994934C9DDAB6
C:\Windows\System32\drivers\lsi_sss.sys 3371FF1D5D745C3306C6A2C4E99C25A9
C:\Windows\system32\drivers\luafv.sys C692B9C0352315417CF49FFA664957A3
C:\Windows\System32\drivers\lunparser.sys 0D1D9F526322074A32ED88D0F024329D
C:\Windows\system32\drivers\MBAMSwissArmy.sys 78488AF2AB2111D67B3C4044707A519B
C:\Windows\System32\drivers\megasas.sys B2ED9A7A5587A128A0EFD0DBE7662E95
C:\Windows\System32\drivers\megasr.sys 083F71488E6780A67290273180256EA5
C:\Windows\System32\drivers\TeeDriverW8x64.sys F782B79A31CBCD15630F030D032915F9
C:\Windows\System32\drivers\mlx4_bus.sys 5907A10D46747A2B6DBFD6A198254DC2
C:\Windows\system32\drivers\mmcss.sys 91ED6F0EDF4158D63C52194F17D4F42E
C:\Windows\System32\drivers\modem.sys 2C4CC9F6ADBED5A6D131FDB97A78FF68
C:\Windows\System32\drivers\monitor.sys D8DB13529C8AD6FBAF8E2F382024374F
C:\Windows\System32\drivers\mouclass.sys 2DAAF1EE1C30F2FCF59851A64ADA0422
C:\Windows\System32\drivers\mouhid.sys D30FE074503283829ED194BCAE6239C3
C:\Windows\System32\drivers\mountmgr.sys D5EC9413527B286CFEEB0294C53ABB95
C:\Windows\System32\drivers\mpsdrv.sys 989A1BBD9C49B107B4A47D06E6827A69
C:\Windows\system32\drivers\mrxdav.sys 7A6C4AD2402E69B00F193C12AA6AF5F6
C:\Windows\System32\DRIVERS\mrxsmb.sys FF80FDFF07668C3EEF3A5CB46B321A06
C:\Windows\System32\DRIVERS\mrxsmb10.sys AF689BBFB01F759BE29779E18929E416
C:\Windows\System32\DRIVERS\mrxsmb20.sys 119BBFC0BC350BC5962DD4748CEAE651
C:\Windows\System32\drivers\bridge.sys E94821F71F63033F78D8A6284A820890
C:\Windows\System32\Drivers\Msfs.sys 7C55F1751CAC199680D4489D1EE46544
C:\Windows\System32\drivers\msgpiowin32.sys 988588C16A53C2581488C15FF18934BF
C:\Windows\System32\drivers\mshidkmdf.sys 09622DBC24D0178F15DB8461BB6970DF
C:\Windows\System32\drivers\mshidumdf.sys 34BB07495C0159BE4189841E16F3BC2F
C:\Windows\System32\drivers\msisadrv.sys 7BF3F0DA362C053918F5F2EC43CE39E2
C:\Windows\system32\drivers\MSKSSRV.sys B2D0FD21FE67D6434769CC6F7A7883CA
C:\Windows\System32\drivers\mslldp.sys FB3801F176376286A3F8F20FFB8CDC53
C:\Windows\system32\drivers\MSPCLOCK.sys 8CBDF0E7A6CD824352F37A682A33DF7E
C:\Windows\system32\drivers\MSPQM.sys 33E5B6261D69ACD4948A5C64B9D8F29F
C:\Windows\System32\Drivers\MsRPC.sys 557DF8C0DBBBF518AC395C6EB1B179AE
C:\Windows\System32\drivers\mssmbios.sys 0A29AFA668F5DD50482A98ECE70C77A7
C:\Windows\system32\drivers\MSTEE.sys 30CE30877FD5BFADE74FA27D7829BF89
C:\Windows\System32\drivers\MTConfig.sys 13D88C0B8A2FA001CD72D454955A6974
C:\Windows\System32\Drivers\mup.sys 00C7F0F06A0A48B9CDB6B3AC3BE288F0
C:\Windows\System32\drivers\mvumis.sys 8E237527CA260C71D39ED4081BDF3419
C:\Windows\System32\DRIVERS\nwifi.sys 51D48DE5622F2712A351AC64FA78F6AA
C:\Windows\System32\drivers\ndfltr.sys CF8296427834CF8BBB3EE1444C17362D
C:\Windows\System32\drivers\ndis.sys 616F40B897DA651221F86A1741E9609B
C:\Windows\System32\drivers\ndiscap.sys A0719D1EBA971DFC5DF5F7CC010385F8
C:\Windows\System32\drivers\NdisImPlatform.sys 0C557932CCCC65AEB37326DD36504527
C:\Windows\System32\DRIVERS\ndistapi.sys 56F9345D1945826135FBAB7589592B1F
C:\Windows\System32\drivers\ndisuio.sys AADFC340939D99E5D756E713E1D452EB
C:\Windows\System32\drivers\NdisVirtualBus.sys 312DFD787D99D3BF1427B0388BC04F71
C:\Windows\System32\drivers\ndiswan.sys 2103F43E0A1ECFB14B7E1B889F5F24D7
C:\Windows\System32\DRIVERS\ndiswan.sys 2103F43E0A1ECFB14B7E1B889F5F24D7
C:\Windows\System32\DRIVERS\NDProxy.sys 6E98F16983C4AE8703FF9F90AB4B31DD
C:\Windows\System32\drivers\Ndu.sys F1B7CC77F412C8D45B2DDCF76EDA4F9D
C:\Windows\System32\drivers\netbios.sys 824FDC990A3F79069BE468A132EB6888
C:\Windows\System32\DRIVERS\netbt.sys 1BD49789354B1CFE28D96DC232071A02
C:\Windows\System32\drivers\netvsc.sys 46E862DA2CF8F351375EF537276B69B5
C:\Windows\System32\Drivers\Npfs.sys 41557BE174E9EC6AC703A8A4ADBC6650
C:\Windows\System32\drivers\npsvctrig.sys AC3F70FCFBCE97AA2F12BA43EE13B86E
C:\Windows\System32\drivers\nsiproxy.sys 66A98C407085B8920DF1E6D722F1ADB8
C:\Windows\System32\Drivers\NTFS.sys 655A6C92FA97C95FEB1D3EBCFA70D49E
C:\Windows\System32\Drivers\Null.sys 383E546EF4982262A0EF6CC2B6E9D525
C:\Windows\system32\DRIVERS\nvlddmkm.sys 90050A0469120BD8E0931267FFE31CFD
C:\Windows\System32\drivers\nvraid.sys 466F875F1D4C6ABB46AF28007009237C
C:\Windows\System32\drivers\nvstor.sys 76F19EAE7A52CBAF7B8EC428BE6E0DA0
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys E2FB488BC050378E94EECC214D2E5BE0
C:\Windows\system32\drivers\nvvad64v.sys 0EE2295234652B8B32E74D867303A3B8
C:\Windows\System32\drivers\nvvhci.sys 848DD3F4E7346B03F380AEA9A50F829B
C:\Windows\System32\drivers\nv_agp.sys 0D0CB77D74B38E0EC62341C19E469D8D
C:\Windows\System32\drivers\parport.sys 38F1AE32339731F6E5A7281AE8042545
C:\Windows\System32\drivers\partmgr.sys 707889D2F95AAE8C9DD254D8767AD908
C:\Windows\System32\drivers\passthruparser.sys 23F3D65726903AF63AB03EE4189C02AB
C:\Windows\System32\drivers\pci.sys B580CD1FAA762E0C1C95C43BF0E58FD7
C:\Windows\System32\drivers\pciide.sys 3D587E4295B11B8480F7ACB09A89D718
C:\Windows\System32\drivers\pcmcia.sys B8F07002B5F1DA23CFF979C2806B09F3
C:\Windows\System32\drivers\pcw.sys FF588077D0C6AC2EA3FCBF1903CE08D0
C:\Windows\System32\drivers\pdc.sys 70469C8AC4AD367295E70CFDD81B754C
C:\Windows\System32\drivers\peauth.sys 688F47C342E1BBC87A48AB71D316233E
C:\Windows\System32\drivers\percsas2i.sys 189265498945593D5256CFF7FEBB9665
C:\Windows\System32\drivers\percsas3i.sys 9B86965114F6831A5130EFE6657B17D9
C:\Windows\System32\drivers\raspptp.sys 1433EB7908E5E1E20FFD50E4126C3484
C:\Windows\System32\drivers\processr.sys 22DE54C3974E4FD98F61D095C22C59B7
C:\Windows\System32\drivers\pacer.sys EDD52C352CBAAAD13FD7BD5DCEA309B3
C:\Windows\System32\drivers\pvhdparser.sys BC79A3E7D5C7DBF6F584C5AD0DEB0459
C:\Windows\system32\drivers\qwavedrv.sys 51590F442C6E5D43244BA30DDB0CE79D
C:\Windows\System32\DRIVERS\rasacd.sys E951E70019865B06126AF850BCCA2026
C:\Windows\System32\drivers\AgileVpn.sys 0BF8607133AE264BC3C41A5BAA5FFB7B
C:\Windows\System32\drivers\rasl2tp.sys 2521520142F7853E39028AE6BD66E072
C:\Windows\System32\drivers\raspppoe.sys E5FA41160F5A3D78D8F7765E5C5F6BB0
C:\Windows\System32\drivers\rassstp.sys DF0834AE921E633E05D1FDC55C318957
C:\Windows\System32\DRIVERS\rdbss.sys FC9B7AC6E2B837EF7CD6C64F7068D41D
C:\Windows\System32\drivers\rdpbus.sys FB7375657F8A5932C35EAA45E9B4B416
C:\Windows\System32\drivers\rdpdr.sys A32AED8C644734B283A7C9D08D76064D
C:\Windows\System32\drivers\rdpvideominiport.sys 37CC7E41243EFBB4FBC0510E5CA32A02
C:\Windows\System32\drivers\rdyboost.sys DAF957B25A35757E9D814611FAE8FE3B
C:\Windows\System32\Drivers\ReFSv1.sys 2C72E029C153D25325CA182A669E4ADE
C:\Windows\System32\drivers\rfcomm.sys 67E83C0C9A2B5ACEE9EF690E6B7E9189
C:\Windows\System32\drivers\rspndr.sys DC66C1D262D64E30A30B68E9F21AC74B
C:\Windows\System32\drivers\rt640x64.sys 179E6BCF8D16AD39C137CB4FCFE015C5
C:\Windows\System32\drivers\Rt630x64.sys D5C3918E3EF787A41172B8E5348247F0
C:\Windows\system32\Drivers\RtsUer.sys A517AF98EA3943595BEBA5D48F7DE65E
C:\Windows\System32\drivers\vms3cap.sys 88F7703F2A4677C828124AE2110D3EBC
C:\Windows\System32\drivers\sbp2port.sys B467E932FE4E16E201DC7E56870CB559
C:\Windows\System32\DRIVERS\scfilter.sys 0A46511F70F076D5CA57F2B96E4550E3
C:\Windows\System32\drivers\sdbus.sys 004C66464D8FE76D5DA78BE6777D61AF
C:\Windows\System32\drivers\sdstor.sys F4BF50A7D16A97A887BFA0F193693C42
C:\Windows\system32\DRIVERS\WUDFRd.sys 4E848DE29E4279C7F25EF5B34ED94FDD
C:\Windows\System32\drivers\SerCx.sys 9DB0BBE3ABE1F49651AE51EC5BCABE58
C:\Windows\System32\drivers\SerCx2.sys C4AF79C37334D995D95C22C14FDBF7FD
C:\Windows\System32\drivers\serenum.sys FC541A272F47BE03E67A9FCB87FA8C3E
C:\Windows\System32\drivers\serial.sys 997B78F8E312450C6CF31FA58EDDC84F
C:\Windows\System32\drivers\sermouse.sys C8738887228B7BFA3B1A906816A8BB12
C:\Windows\System32\drivers\sfloppy.sys 67832B68752CDF7FDE56949E4A2E70BF
C:\Windows\System32\drivers\SiSRaid2.sys ED058030296CF9B79C8D48BF43724323
C:\Windows\System32\drivers\sisraid4.sys 633D3D1581E9DCCD5A2D8F039104C9A5
C:\Windows\System32\drivers\spaceport.sys 187B4AD4446C59F8FCC4A10F473EE3D1
C:\Windows\System32\drivers\SpbCx.sys 2799FCA215919FDC9A87C5FCAB530828
C:\Windows\System32\DRIVERS\srv.sys 3B7E062782A1992E69F584446D8BC05A
C:\Windows\System32\DRIVERS\srv2.sys AB962D9FC6EE52CAB3C5E65955EDA633
C:\Windows\System32\DRIVERS\srvnet.sys 7711E47227A2BEFACD45688E6E4FCB00
C:\Windows\System32\drivers\stexstor.sys DDE064A4298FD1FBF804D3ED691E7EDB
C:\Windows\System32\drivers\storahci.sys 32C95F44108C3E7DB58F773346E3C9D0
C:\Windows\System32\drivers\vmstorfl.sys 8883C8CE4942A99B84E1CC6EFA19738E
C:\Windows\System32\drivers\stornvme.sys AE7B7E1E95BFB9340B1956C98CA52C81
C:\Windows\System32\drivers\storqosflt.sys 63513EF3121689B3A59BD217618A2E42
C:\Windows\System32\drivers\storufs.sys 000F5CFCEF0F06DC8FD1D2F568E48AE4
C:\Windows\System32\drivers\storvsc.sys 7415087F9006D6818F85F3CBD79B1A50
C:\Windows\System32\drivers\storvsp.sys 42D0AA270F2C38DB1B70FAF4BCBEB089
C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys 802278EE4ACCE9EA1F1481DF20EB1667
C:\Windows\System32\drivers\Synth3dVsc.sys 12D0CB1DCAE6725B6CA54CC2038C4C8C
C:\Windows\System32\drivers\synth3dvsp.sys CB288F6B5B186D5CF8B0A7AD2CA22409
C:\Windows\System32\drivers\tcpip.sys F7C2E1AFC4E657BF78D273BF5BB2BA41
C:\Windows\System32\drivers\tcpip.sys F7C2E1AFC4E657BF78D273BF5BB2BA41
C:\Windows\System32\drivers\tcpipreg.sys D378A1AF58AFA84BB6AC753F2C1BE9F4
C:\Windows\system32\DRIVERS\tdx.sys D42AC03ACF9CA67693D1D9BB4D2A0BC8
C:\Windows\System32\drivers\terminpt.sys CCDBD2817C10A4F631280CBB3AE44FFB
C:\Windows\system32\drivers\tpm.sys F4AEDABC8F3A9D632F8206D0C7F8CA09
C:\Windows\System32\drivers\TsUsbFlt.sys 676C801CAA61AADD0C918CC536A74B78
C:\Windows\System32\drivers\TsUsbGD.sys 2BB6CC0DD1CEE86330743B56FA9FE91F
C:\Windows\System32\drivers\tunnel.sys 14B46248612DF1B1A695040FFFBCFAFC
C:\Windows\System32\drivers\uagp35.sys D0BE5EA1652D55029C9A898FB8ACFCE0
C:\Windows\System32\drivers\uaspstor.sys 13C15E4B238895FE4731DB1D612EEB5F
C:\Windows\System32\Drivers\UcmCx.sys BEBB8B55C5F99B69EEE39A9D7BADB21E
C:\Windows\System32\drivers\UcmUcsi.sys DE3EDAF609D00EA2E54986E6459796A6
C:\Windows\System32\drivers\ucx01000.sys FB1C1D8B96A482F3581338D6752E1D6C
C:\Windows\System32\drivers\udecx.sys 4E1543ACE2F6E2846713E5123D9D4159
C:\Windows\System32\DRIVERS\udfs.sys CDCA9CC1D8293E75218D8FF85F2337A4
C:\Windows\System32\drivers\UEFI.sys BC683E19307C533C7161DB7A58051347
C:\Windows\System32\drivers\ufx01000.sys D14B42C26DE402F316D49667D15446F0
C:\Windows\System32\drivers\UfxChipidea.sys 192470BE4321791FBB25F379D0141D6F
C:\Windows\System32\drivers\ufxsynopsys.sys F7BD838E84E6B286DBCE068EFB8C0800
C:\Windows\System32\drivers\uliagpkx.sys A25842AC180F0E8B02380ECB8ADA1AF5
C:\Windows\System32\drivers\umbus.sys 21088F43172525C7E02D335A3327F46C
C:\Windows\System32\drivers\umpass.sys 294A291B5D48FE8F38DD94B7272442C5
C:\Windows\System32\drivers\urschipidea.sys A7A52EDDC3FAF183D6AC4774690ADF13
C:\Windows\System32\drivers\urscx01000.sys 2EEA0897DD9E30E958B508D557F0B5E4
C:\Windows\System32\drivers\urssynopsys.sys DC54D775A3A61E4CDE871B4E38A1459A
C:\Windows\System32\Drivers\usbaapl64.sys F957092C63CD71D85903CA0D8370F473
C:\Windows\System32\drivers\usbccgp.sys 18B63A0980F4AA1E6D7879B253980E37
C:\Windows\System32\drivers\usbcir.sys 1C60A1A3C8E1E819E16F12BAEB1C83F8
C:\Windows\System32\drivers\usbehci.sys 9A3E39F85DC6E3B9F792F1095ACFF788
C:\Windows\System32\drivers\usbhub.sys 0A368247A900656CC0678117DFC3A87C
C:\Windows\System32\drivers\UsbHub3.sys 1BDA1FD02783566F0B20EB0E2517F85C
C:\Windows\System32\drivers\usbohci.sys 72EA850B59F40C25A4FEDDA5FE84EFEB
C:\Windows\System32\drivers\usbprint.sys 47B2B2DE152E25546944049CA1170BB1
C:\Windows\System32\drivers\usbser.sys 6D12FF8801832846542FD2B078B6E05F
C:\Windows\System32\drivers\USBSTOR.SYS 3EB26D5963844FFAE63A93024D502BAE
C:\Windows\System32\drivers\usbuhci.sys DFA92EA105DD1073B43FB210EEB03DD4
C:\Windows\System32\Drivers\usbvideo.sys B1484D4BBC6B7B424F1CD1554B0AFB84
C:\Windows\System32\drivers\USBXHCI.SYS C67A03F54A1EA683F4880A481EE5FF6C
C:\Windows\System32\drivers\vdrvroot.sys 26223003DDFB347B5CF3EC0B56DB066B
C:\Windows\System32\drivers\VerifierExt.sys A417284BC6B5C2EEF63F2C5154473530
C:\Windows\System32\drivers\vhdmp.sys EB662967F1E874962150C5C41582F87A
C:\Windows\System32\drivers\vhdparser.sys 271AA552D8F240DD52D2421615D9417C
C:\Windows\System32\drivers\vhf.sys C42206A15078596FDE8E89BB629DE342
C:\Windows\System32\drivers\Vid.sys 5F7D6D8AC18BD1EECE0E902ABD8E54EE
C:\Windows\System32\drivers\vmbus.sys 248D9F911A5C94CF8477125DD0C3A291
C:\Windows\System32\drivers\VMBusHID.sys 3E98DD4E0CBD6B4F9CBD0E9E0EDF541E
C:\Windows\System32\drivers\vmbusr.sys 93BB1C922640CA0FA8D6BC117AC729AF
C:\Windows\System32\drivers\vmswitch.sys FCDE53FDF3E8A9E0E26510515F9ECB88
C:\Windows\System32\drivers\vmswitch.sys FCDE53FDF3E8A9E0E26510515F9ECB88
C:\Windows\System32\drivers\vmswitch.sys FCDE53FDF3E8A9E0E26510515F9ECB88
C:\Windows\System32\drivers\volmgr.sys 91F165C5D71D9DCB18D4661CF10D1084
C:\Windows\System32\drivers\volmgrx.sys 17042748AC05862A0283D32575220080
C:\Windows\System32\drivers\volsnap.sys 823A237D871CD652C6BFD47BECB6810A
C:\Windows\System32\drivers\vpci.sys 78727FA284C2095EED660D71CD3C9AEF
C:\Windows\System32\drivers\vpcivsp.sys A94CD7842435805267E0259CB0908D34
C:\Windows\System32\drivers\vsmraid.sys 2415961D561E02F5E46B7C1C687A6788
C:\Windows\System32\drivers\vstxraid.sys 6AE9A843AE979F2DCCA5A25C07C7A5F8
C:\Windows\System32\drivers\vwifibus.sys BD232C761C59FA8D8EF626CA630E2D2E
C:\Windows\System32\drivers\vwififlt.sys 3039687AB65CEE26CF478C1F42FFCD7D
C:\Windows\System32\drivers\vwifimp.sys 37C868DDE3103130B00AD1313DAB5ACB
C:\Windows\System32\drivers\wacompen.sys FC40A7527D39F06D032A6553D22E4BF6
C:\Windows\System32\DRIVERS\wanarp.sys E9E22E116F810DAC98C5EC207F24C916
C:\Windows\System32\DRIVERS\wanarp.sys E9E22E116F810DAC98C5EC207F24C916
C:\Windows\system32\drivers\WdBoot.sys C8BA574B3BA6AE88741AC86B1FE3C1DC
C:\Windows\System32\drivers\Wdf01000.sys 927AD29D7F91B9A0C5294932374DA15E
C:\Windows\system32\drivers\WdFilter.sys C5BB7C612B4C852836BEA39593BA5F46
C:\Windows\System32\DRIVERS\wdiwifi.sys E77B04475C1C02BA31CB87FDFB4C95AC
C:\Windows\System32\Drivers\WdNisDrv.sys BD193A7BD34B2E829FAF56306FEE3B09
C:\Windows\System32\drivers\wfplwfs.sys DBF5255B759212E5217A2748567A0B5C
C:\Windows\System32\drivers\wimmount.sys 4375BCBA419D19695CF566082CEF27D3
C:\Windows\System32\drivers\WindowsTrustedRT.sys 037BC6DE5F58D4A74A5BB0C12DCECDCA
C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys 70BCD70BD53F2FE660ED94B025A043EB
C:\Windows\System32\drivers\winmad.sys 7792AE5403BF8975B6460DFC3428D129
C:\Windows\System32\drivers\winnat.sys 4F35C64C206536A34C3D0187E9A483E7
C:\Windows\System32\drivers\WinUSB.SYS 811F30EB6EE8318C4171CB95AE30B9BD
C:\Windows\System32\drivers\winverbs.sys DF00381AB8665D48DE3FF794BC6760AB
C:\Windows\System32\drivers\wmiacpi.sys 623ED8E10DFEEAB7AE2CD11A0451DB79
C:\Windows\System32\Drivers\Wof.sys 78CA1FF6FE37EEFAFF99DD1C956AF60A
C:\Windows\System32\DRIVERS\wpcfltr.sys 388F2A3C771B8BEE76FD1AAF9614D08E
C:\Windows\System32\drivers\WpdUpFltr.sys 37DCE976B3935380F2F6E39ABB6BF40D
C:\Windows\system32\drivers\ws2ifsl.sys 3CD22DD5A790CF7C24D65455E565EA83
C:\Windows\System32\drivers\WudfPf.sys 835F60262E7E310080EA05F6752BF248
C:\Windows\System32\drivers\WUDFRd.sys 4E848DE29E4279C7F25EF5B34ED94FDD
C:\Windows\system32\DRIVERS\WUDFRd.sys 4E848DE29E4279C7F25EF5B34ED94FDD
C:\Windows\system32\DRIVERS\WUDFRd.sys 4E848DE29E4279C7F25EF5B34ED94FDD
C:\Windows\System32\drivers\xboxgip.sys 30021D1E0407B71E8D5D4F8DAE4E656A
C:\Windows\System32\drivers\xinputhid.sys 6851673B90D8CB332439E0339F81A6B6
C:\Windows\System32\drivers\zamguard64.sys 21E13F2CB269DEFEAE5E1D09887D47BB

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three Months Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-29 08:51 - 2017-04-29 08:51 - 00051724 _____ C:\Users\Teodor\Desktop\FRST.txt
2017-04-29 08:50 - 2017-04-29 08:51 - 00000000 ____D C:\FRST
2017-04-29 08:50 - 2017-04-29 08:50 - 02427392 _____ (Farbar) C:\Users\Teodor\Desktop\FRST64.exe
2017-04-29 08:46 - 2017-04-29 08:46 - 00016148 _____ C:\Windows\system32\DESKTOP-C04JVK0_Teodor_HistoryPrediction.bin
2017-04-27 18:26 - 2017-04-27 18:30 - 00015505 _____ C:\Users\Teodor\Desktop\jj_phys2_04.rar
2017-04-27 18:26 - 2017-04-27 18:29 - 00017730 _____ C:\Users\Teodor\Desktop\fiz22.zip
2017-04-27 18:08 - 2017-04-27 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-04-26 21:02 - 2017-04-26 21:02 - 00048944 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-04-26 17:35 - 2017-04-26 17:35 - 00036337 _____ C:\Users\Teodor\Desktop\The_Flash_S03E18.(subs.sab.bz).rar
2017-04-26 17:30 - 2017-04-26 17:31 - 00020468 _____ C:\Users\Teodor\Desktop\The.Flash.S03E19.HDTV.LOL.en.zip
2017-04-24 19:53 - 2017-04-24 20:10 - 00000000 ____D C:\Users\Teodor\Desktop\oip 7ma
2017-04-24 16:41 - 2017-04-24 16:41 - 00044116 _____ C:\Users\Teodor\Desktop\hacker.(2016).eng.1cd.(6955847).zip
2017-04-23 01:32 - 2017-04-23 01:32 - 00000000 ____D C:\Windows\LastGood
2017-04-23 01:31 - 2017-03-28 06:32 - 00153536 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-04-23 01:31 - 2017-03-28 06:32 - 00127424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-04-14 21:06 - 2017-04-15 10:56 - 00000000 ____D C:\Users\Teodor\AppData\Local\Samsung
2017-04-14 21:06 - 2017-04-14 21:06 - 00000000 ____D C:\Users\Teodor\Documents\samsung
2017-04-14 21:06 - 2017-04-14 21:06 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2017-04-14 21:04 - 2016-05-18 14:49 - 04659712 _____ (Dmitry Streblechenko) C:\Windows\SysWOW64\Redemption.dll
2017-04-14 21:04 - 2016-05-18 14:49 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2017-04-12 12:47 - 2017-04-12 12:47 - 00000000 ____D C:\Users\Teodor\AppData\Local\ESET
2017-04-12 10:48 - 2017-04-12 10:48 - 00000000 ____D C:\Users\Teodor\Documents\Adobe
2017-04-12 10:29 - 2017-04-12 10:29 - 00000000 ____D C:\ProgramData\Adobe
2017-04-12 10:29 - 2017-04-12 10:29 - 00000000 ____D C:\Program Files\Common Files\Adobe
2017-04-12 09:40 - 2017-04-12 09:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2017-04-11 21:39 - 2017-03-28 13:09 - 01980256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-04-11 21:39 - 2017-03-28 13:03 - 08666400 _____ (Microsoft Corp.) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2017-04-11 21:39 - 2017-03-28 12:36 - 03651232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-04-11 21:39 - 2017-03-28 12:35 - 22327264 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-04-11 21:39 - 2017-03-28 12:06 - 01897680 _____ (Microsoft Corporation) C:\Windows\system32\vmwp.exe
2017-04-11 21:39 - 2017-03-28 12:05 - 01781416 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-04-11 21:39 - 2017-03-28 11:21 - 06913360 _____ (Microsoft Corp.) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-04-11 21:39 - 2017-03-28 10:54 - 02904328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-04-11 21:39 - 2017-03-28 10:52 - 20863000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-04-11 21:39 - 2017-03-28 10:28 - 01517480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2017-04-11 21:39 - 2017-03-28 10:21 - 24591360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-04-11 21:39 - 2017-03-28 10:11 - 01649152 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2017-04-11 21:39 - 2017-03-28 10:09 - 03494400 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-04-11 21:39 - 2017-03-28 10:06 - 06305792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2017-04-11 21:39 - 2017-03-28 10:01 - 12911104 _____ (Microsoft Corporation) C:\Windows\system32\vmms.exe
2017-04-11 21:39 - 2017-03-28 09:29 - 03580928 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-04-11 21:39 - 2017-03-28 09:16 - 21856256 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-04-11 21:39 - 2017-03-28 09:08 - 19331072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-04-11 21:39 - 2017-03-28 09:07 - 07526400 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-04-11 21:39 - 2017-03-28 09:00 - 04398080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2017-04-11 21:38 - 2017-03-28 13:21 - 01315008 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-04-11 21:38 - 2017-03-28 13:21 - 01023208 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-04-11 21:38 - 2017-03-28 13:21 - 00862024 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2017-04-11 21:38 - 2017-03-28 13:21 - 00201448 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2017-04-11 21:38 - 2017-03-28 13:20 - 00605472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-04-11 21:38 - 2017-03-28 13:19 - 03467784 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2017-04-11 21:38 - 2017-03-28 13:18 - 01538176 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-04-11 21:38 - 2017-03-28 13:18 - 00652864 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2017-04-11 21:38 - 2017-03-28 13:17 - 01951872 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-04-11 21:38 - 2017-03-28 13:16 - 08014176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-04-11 21:38 - 2017-03-28 13:16 - 02816024 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2017-04-11 21:38 - 2017-03-28 13:16 - 00786624 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-04-11 21:38 - 2017-03-28 13:16 - 00552288 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2017-04-11 21:38 - 2017-03-28 13:15 - 02495768 _____ C:\Windows\system32\CoreUIComponents.dll
2017-04-11 21:38 - 2017-03-28 13:11 - 00393568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-04-11 21:38 - 2017-03-28 13:10 - 00388896 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2017-04-11 21:38 - 2017-03-28 13:09 - 00807832 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-04-11 21:38 - 2017-03-28 13:08 - 01589224 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-04-11 21:38 - 2017-03-28 12:37 - 00801632 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2017-04-11 21:38 - 2017-03-28 12:33 - 06525424 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2017-04-11 21:38 - 2017-03-28 12:32 - 01134792 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2017-04-11 21:38 - 2017-03-28 12:32 - 00658568 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2017-04-11 21:38 - 2017-03-28 12:29 - 00256728 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
2017-04-11 21:38 - 2017-03-28 12:07 - 00958816 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2017-04-11 21:38 - 2017-03-28 12:07 - 00927072 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2017-04-11 21:38 - 2017-03-28 12:07 - 00784224 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.exe
2017-04-11 21:38 - 2017-03-28 12:06 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-04-11 21:38 - 2017-03-28 12:05 - 00613112 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2017-04-11 21:38 - 2017-03-28 11:39 - 00953992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-04-11 21:38 - 2017-03-28 11:39 - 00167848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2017-04-11 21:38 - 2017-03-28 11:38 - 01364040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-04-11 21:38 - 2017-03-28 11:34 - 01531880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-04-11 21:38 - 2017-03-28 11:34 - 00602768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-04-11 21:38 - 2017-03-28 11:34 - 00439648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2017-04-11 21:38 - 2017-03-28 11:32 - 01766496 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2017-04-11 21:38 - 2017-03-28 10:58 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2017-04-11 21:38 - 2017-03-28 10:54 - 00700256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-04-11 21:38 - 2017-03-28 10:28 - 00545400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2017-04-11 21:38 - 2017-03-28 10:28 - 00316256 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-04-11 21:38 - 2017-03-28 10:22 - 00455680 _____ (Microsoft Corporation) C:\Windows\system32\RTMediaFrame.dll
2017-04-11 21:38 - 2017-03-28 10:20 - 01672192 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-04-11 21:38 - 2017-03-28 10:13 - 12516352 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-04-11 21:38 - 2017-03-28 10:09 - 01686528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-04-11 21:38 - 2017-03-28 10:09 - 01602560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-04-11 21:38 - 2017-03-28 10:09 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2017-04-11 21:38 - 2017-03-28 10:09 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-04-11 21:38 - 2017-03-28 10:07 - 02119680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-04-11 21:38 - 2017-03-28 10:07 - 00775680 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-04-11 21:38 - 2017-03-28 10:06 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-04-11 21:38 - 2017-03-28 09:52 - 01415680 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-04-11 21:38 - 2017-03-28 09:45 - 00952320 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-04-11 21:38 - 2017-03-28 09:38 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\wscinterop.dll
2017-04-11 21:38 - 2017-03-28 09:37 - 00954368 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2017-04-11 21:38 - 2017-03-28 09:36 - 07055872 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2017-04-11 21:38 - 2017-03-28 09:36 - 00328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2017-04-11 21:38 - 2017-03-28 09:34 - 00882176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmswitch.sys
2017-04-11 21:38 - 2017-03-28 09:34 - 00675840 _____ (Microsoft Corporation) C:\Windows\system32\vsconfig.dll
2017-04-11 21:38 - 2017-03-28 09:34 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsp.sys
2017-04-11 21:38 - 2017-03-28 09:29 - 00832512 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2017-04-11 21:38 - 2017-03-28 09:29 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-04-11 21:38 - 2017-03-28 09:20 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2017-04-11 21:38 - 2017-03-28 09:16 - 01061888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2017-04-11 21:38 - 2017-03-28 09:07 - 01541632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-04-11 21:38 - 2017-03-28 08:59 - 02962432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-04-11 21:38 - 2017-03-28 08:59 - 01492992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-04-11 21:38 - 2017-03-28 08:59 - 01383424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-04-11 21:38 - 2017-03-28 08:59 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-04-11 21:38 - 2017-03-28 08:58 - 02042368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-04-11 21:38 - 2017-03-28 08:58 - 00679936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-04-11 21:38 - 2017-03-28 08:58 - 00574464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2017-04-11 21:38 - 2017-03-28 08:57 - 13027840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2017-04-11 21:38 - 2017-03-28 08:57 - 00328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-04-11 21:38 - 2017-03-28 08:43 - 00768512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-04-11 21:38 - 2017-03-28 08:38 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
2017-04-11 21:38 - 2017-03-28 08:36 - 05079552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2017-04-11 21:38 - 2017-03-28 08:25 - 00095744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-04-11 21:38 - 2017-03-28 08:15 - 11272192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-04-11 21:38 - 2017-03-28 08:15 - 05459456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-04-11 21:38 - 2017-03-28 08:14 - 18798592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-04-11 21:38 - 2017-03-28 08:11 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-04-11 21:38 - 2017-03-18 23:17 - 00934752 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.efi
2017-04-11 21:38 - 2017-03-18 23:00 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-04-11 21:38 - 2017-03-18 21:21 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-04-11 21:37 - 2017-03-28 11:14 - 00483328 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2017-04-11 21:37 - 2017-03-28 11:14 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2017-04-11 21:37 - 2017-03-28 11:10 - 00290304 _____ (Microsoft Corporation) C:\Windows\system32\oemlicense.dll
2017-04-11 21:37 - 2017-03-28 10:51 - 02902528 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2017-04-11 21:37 - 2017-03-28 10:50 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2017-04-11 21:37 - 2017-03-28 10:48 - 00456704 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-04-11 21:37 - 2017-03-28 10:44 - 02238976 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-04-11 21:37 - 2017-03-28 10:44 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2017-04-11 21:37 - 2017-03-28 10:43 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-04-11 21:37 - 2017-03-28 10:43 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2017-04-11 21:37 - 2017-03-28 10:42 - 00963072 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2017-04-11 21:37 - 2017-03-28 10:38 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-04-11 21:37 - 2017-03-28 10:36 - 04847616 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2017-04-11 21:37 - 2017-03-28 10:28 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2017-04-11 21:37 - 2017-03-28 10:23 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2017-04-11 21:37 - 2017-03-28 10:09 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-04-11 21:37 - 2017-03-28 10:08 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-04-11 21:37 - 2017-03-28 10:08 - 00214528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-04-11 21:37 - 2017-03-28 10:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-04-11 21:37 - 2017-03-28 10:07 - 01040384 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-04-11 21:37 - 2017-03-28 10:07 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-04-11 21:37 - 2017-03-28 09:58 - 16708608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2017-04-11 21:37 - 2017-03-28 09:54 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\IdCtrls.dll
2017-04-11 21:37 - 2017-03-28 09:50 - 07569408 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2017-04-11 21:37 - 2017-03-28 09:47 - 00819712 _____ (Microsoft Corporation) C:\Windows\system32\licensingdiag.exe
2017-04-11 21:37 - 2017-03-28 09:47 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2017-04-11 21:37 - 2017-03-28 09:47 - 00239104 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2017-04-11 21:37 - 2017-03-28 09:45 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2017-04-11 21:37 - 2017-03-28 09:45 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oemlicense.dll
2017-04-11 21:37 - 2017-03-28 09:38 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2017-04-11 21:37 - 2017-03-28 09:38 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2017-04-11 21:37 - 2017-03-28 09:33 - 04453888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-04-11 21:37 - 2017-03-28 09:31 - 02599424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2017-04-11 21:37 - 2017-03-28 09:30 - 04168704 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2017-04-11 21:37 - 2017-03-28 09:30 - 00420352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GamePanel.exe
2017-04-11 21:37 - 2017-03-28 09:30 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-04-11 21:37 - 2017-03-28 09:29 - 00338944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-04-11 21:37 - 2017-03-28 09:28 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2017-04-11 21:37 - 2017-03-28 09:28 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-04-11 21:37 - 2017-03-28 09:25 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-04-11 21:37 - 2017-03-28 09:25 - 00153088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2017-04-11 21:37 - 2017-03-28 09:25 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2017-04-11 21:37 - 2017-03-28 09:24 - 00806912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2017-04-11 21:37 - 2017-03-28 09:20 - 03873280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2017-04-11 21:37 - 2017-03-28 09:15 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2017-04-11 21:37 - 2017-03-28 09:13 - 00281600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2017-04-11 21:37 - 2017-03-28 09:09 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2017-04-11 21:37 - 2017-03-28 09:06 - 04791808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-04-11 21:37 - 2017-03-28 09:06 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2017-04-11 21:37 - 2017-03-28 09:03 - 00672768 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-04-11 21:37 - 2017-03-28 08:59 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-04-11 21:37 - 2017-03-28 08:58 - 02050048 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2017-04-11 21:37 - 2017-03-28 08:58 - 00885248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-04-11 21:37 - 2017-03-28 08:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-04-11 21:37 - 2017-03-28 08:56 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\dbgcore.dll
2017-04-11 21:37 - 2017-03-28 08:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IdCtrls.dll
2017-04-11 21:37 - 2017-03-28 08:45 - 00617472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licensingdiag.exe
2017-04-11 21:37 - 2017-03-28 08:45 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2017-04-11 21:37 - 2017-03-28 08:44 - 06101504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2017-04-11 21:37 - 2017-03-28 08:44 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2017-04-11 21:37 - 2017-03-28 08:37 - 00113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscinterop.dll
2017-04-11 21:37 - 2017-03-28 08:34 - 03692032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-04-11 21:37 - 2017-03-28 08:31 - 03443200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2017-04-11 21:37 - 2017-03-28 08:31 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-04-11 21:37 - 2017-03-28 08:30 - 00584704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2017-04-11 21:37 - 2017-03-28 08:17 - 03579904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-04-11 21:37 - 2017-03-28 08:11 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-04-11 21:37 - 2017-03-28 08:11 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-04-11 21:37 - 2017-03-28 08:04 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgcore.dll
2017-04-11 21:37 - 2017-03-28 07:52 - 00512000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-04-11 21:37 - 2017-03-28 05:11 - 00448285 _____ C:\Windows\system32\ApnDatabase.xml
2017-04-11 21:37 - 2017-03-18 22:01 - 00596992 _____ (Microsoft Corporation) C:\Windows\system32\msvcp_win.dll
2017-04-11 21:37 - 2017-03-18 20:39 - 00451584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp_win.dll
2017-04-11 20:23 - 2017-04-11 20:23 - 00000000 ____D C:\ProgramData\ESET
2017-04-08 19:06 - 2017-04-08 19:06 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-04-08 19:06 - 2017-03-11 00:17 - 00536864 _____ C:\Windows\system32\vulkan-1.dll
2017-04-08 19:06 - 2017-03-11 00:17 - 00525600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2017-04-08 19:06 - 2017-03-11 00:17 - 00254240 _____ C:\Windows\system32\vulkaninfo.exe
2017-04-08 19:06 - 2017-03-11 00:17 - 00233760 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2017-04-08 19:02 - 2017-04-01 06:27 - 24712080 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2017-04-08 19:02 - 2017-04-01 06:27 - 11056272 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-04-08 19:02 - 2017-04-01 06:27 - 09014792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-04-08 19:01 - 2017-04-01 06:27 - 35354048 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-04-08 19:01 - 2017-04-01 06:27 - 28592184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-04-08 19:01 - 2017-04-01 06:27 - 16895552 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-04-08 19:01 - 2017-04-01 06:27 - 13687472 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2017-04-08 19:01 - 2017-04-01 06:27 - 11111392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-04-08 19:01 - 2017-04-01 06:27 - 10635192 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-04-08 19:01 - 2017-04-01 06:27 - 09316648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-04-08 19:01 - 2017-04-01 06:27 - 08876272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-04-08 19:01 - 2017-04-01 06:27 - 03790904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-04-08 19:01 - 2017-04-01 06:27 - 03246016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-04-08 19:01 - 2017-04-01 06:27 - 01988032 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438165.dll
2017-04-08 19:01 - 2017-04-01 06:27 - 01591352 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438165.dll
2017-04-08 19:01 - 2017-04-01 06:27 - 01278528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2017-04-08 19:01 - 2017-04-01 06:27 - 01055800 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-04-08 19:01 - 2017-04-01 06:27 - 00995920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2017-04-08 19:01 - 2017-04-01 06:27 - 00990144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-04-08 19:01 - 2017-04-01 06:27 - 00960448 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-04-08 19:01 - 2017-04-01 06:27 - 00911296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-04-08 19:01 - 2017-04-01 06:27 - 00776048 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-04-08 19:01 - 2017-04-01 06:27 - 00688968 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-04-08 19:01 - 2017-04-01 06:27 - 00612088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-04-08 19:01 - 2017-04-01 06:27 - 00609728 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-04-08 19:01 - 2017-04-01 06:27 - 00577544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-04-08 19:01 - 2017-04-01 06:27 - 00499136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-04-08 19:01 - 2017-04-01 06:27 - 00196152 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2017-04-08 19:01 - 2017-04-01 06:27 - 00168640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2017-04-08 18:58 - 2017-04-01 06:27 - 40201152 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-04-08 18:58 - 2017-04-01 06:27 - 35280320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2017-04-08 18:58 - 2017-04-01 06:27 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2017-04-08 18:58 - 2017-04-01 06:27 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2017-04-08 18:39 - 2017-04-08 18:39 - 00002284 _____ C:\Users\Teodor\AppData\Roaming\Microsoft\Windows\Start Menu\Texas HoldEm Poker.lnk
2017-04-03 14:51 - 2017-04-03 14:51 - 00000000 ____D C:\Users\Teodor\AppData\Local\mpress
2017-04-03 14:50 - 2017-04-03 14:50 - 00026112 _____ C:\Windows\KMS-R@1n.exe
2017-04-03 14:50 - 2017-04-03 14:50 - 00005120 _____ C:\Windows\KMS-R@1nHook.exe
2017-04-03 14:50 - 2017-04-03 14:50 - 00004096 _____ C:\Windows\KMS-R@1nHook.dll
2017-04-03 14:50 - 2017-04-03 14:50 - 00000000 ____D C:\Windows\System32\Tasks\R@1n-KMS
2017-04-01 19:54 - 2017-04-01 19:54 - 00000000 ____D C:\Users\Teodor\AppData\Roaming\RcGameBoxRU
2017-04-01 19:53 - 2017-04-01 19:53 - 00000715 _____ C:\Users\Teodor\AppData\Roaming\Microsoft\Windows\Start Menu\RaidCall.lnk
2017-03-27 19:36 - 2017-03-27 19:36 - 00001477 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-03-27 19:36 - 2017-03-27 19:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-03-27 19:35 - 2017-03-27 19:35 - 00000000 ____D C:\Program Files\iPod
2017-03-27 19:33 - 2017-03-27 19:33 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2017-03-27 19:33 - 2017-03-27 19:33 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2017-03-25 22:10 - 2017-03-26 10:28 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-03-25 22:10 - 2017-03-25 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-03-22 20:47 - 2017-03-22 20:47 - 00045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-03-22 20:47 - 2017-03-22 20:47 - 00045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-03-22 20:47 - 2017-03-22 20:47 - 00045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-03-20 20:35 - 2017-03-17 04:01 - 01983424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437892.dll
2017-03-20 20:35 - 2017-03-17 04:01 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437892.dll
2017-03-18 18:58 - 2017-03-18 18:58 - 00000000 ____D C:\Users\Teodor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
2017-03-18 18:58 - 2017-03-18 18:58 - 00000000 ____D C:\Users\Teodor\AppData\Local\Facebook
2017-03-16 23:39 - 2017-03-17 00:05 - 00000000 ____D C:\Users\Teodor\Desktop\PIK2
2017-03-16 01:14 - 2017-03-16 02:23 - 00000038 _____ C:\Users\Teodor\Desktop\realmlists.txt
2017-03-15 01:51 - 2017-03-04 07:50 - 06791168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-03-15 01:51 - 2017-03-04 07:46 - 02663424 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2017-03-15 01:51 - 2017-03-04 07:00 - 05163008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-03-15 01:50 - 2017-03-04 10:55 - 04533320 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-03-15 01:50 - 2017-03-04 10:55 - 02463704 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2017-03-15 01:50 - 2017-03-04 10:55 - 01063504 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2017-03-15 01:50 - 2017-03-04 10:53 - 06488312 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2017-03-15 01:50 - 2017-03-04 10:52 - 01127024 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2017-03-15 01:50 - 2017-03-04 10:48 - 00549600 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2017-03-15 01:50 - 2017-03-04 10:48 - 00335248 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2017-03-15 01:50 - 2017-03-04 10:47 - 02156400 _____ (Microsoft Corporation) C:\Windows\system32\hevcdecoder.dll
2017-03-15 01:50 - 2017-03-04 10:45 - 02824248 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2017-03-15 01:50 - 2017-03-04 10:44 - 00075448 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-03-15 01:50 - 2017-03-04 10:43 - 00608584 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2017-03-15 01:50 - 2017-03-04 10:42 - 00771160 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll
2017-03-15 01:50 - 2017-03-04 10:41 - 02601160 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2017-03-15 01:50 - 2017-03-04 10:12 - 00252768 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2017-03-15 01:50 - 2017-03-04 10:11 - 00724168 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2017-03-15 01:50 - 2017-03-04 09:46 - 00224712 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2017-03-15 01:50 - 2017-03-04 09:34 - 04047800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2017-03-15 01:50 - 2017-03-04 09:34 - 00882208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2017-03-15 01:50 - 2017-03-04 09:33 - 02153296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2017-03-15 01:50 - 2017-03-04 09:31 - 05118024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2017-03-15 01:50 - 2017-03-04 09:29 - 00680768 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2017-03-15 01:50 - 2017-03-04 09:27 - 00521192 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
2017-03-15 01:50 - 2017-03-04 09:27 - 00467432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll
2017-03-15 01:50 - 2017-03-04 09:26 - 00265480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2017-03-15 01:50 - 2017-03-04 09:25 - 01895576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hevcdecoder.dll
2017-03-15 01:50 - 2017-03-04 09:23 - 02445128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2017-03-15 01:50 - 2017-03-04 09:21 - 00064072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-03-15 01:50 - 2017-03-04 09:18 - 01811360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2017-03-15 01:50 - 2017-03-04 08:52 - 01202688 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2017-03-15 01:50 - 2017-03-04 08:49 - 00565648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2017-03-15 01:50 - 2017-03-04 08:49 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\dsregcmd.exe
2017-03-15 01:50 - 2017-03-04 08:28 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-03-15 01:50 - 2017-03-04 08:28 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-03-15 01:50 - 2017-03-04 08:28 - 00185952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2017-03-15 01:50 - 2017-03-04 08:27 - 00995328 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-03-15 01:50 - 2017-03-04 08:27 - 00415232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-03-15 01:50 - 2017-03-04 08:25 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-03-15 01:50 - 2017-03-04 08:25 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2017-03-15 01:50 - 2017-03-04 08:23 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-03-15 01:50 - 2017-03-04 08:21 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2017-03-15 01:50 - 2017-03-04 08:20 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\apds.dll
2017-03-15 01:50 - 2017-03-04 08:13 - 00534056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2017-03-15 01:50 - 2017-03-04 08:11 - 00893440 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2017-03-15 01:50 - 2017-03-04 08:11 - 00473616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DolbyDecMFT.dll
2017-03-15 01:50 - 2017-03-04 08:09 - 02418688 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2017-03-15 01:50 - 2017-03-04 08:07 - 00345088 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2017-03-15 01:50 - 2017-03-04 07:47 - 00573952 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-03-15 01:50 - 2017-03-04 07:46 - 00755200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Cred.dll
2017-03-15 01:50 - 2017-03-04 07:45 - 02839040 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2017-03-15 01:50 - 2017-03-04 07:44 - 02253824 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2017-03-15 01:50 - 2017-03-04 07:42 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2017-03-15 01:50 - 2017-03-04 07:36 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\NcdAutoSetup.dll
2017-03-15 01:50 - 2017-03-04 07:30 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-03-15 01:50 - 2017-03-04 07:29 - 01823232 _____ C:\Windows\SysWOW64\InputService.dll
2017-03-15 01:50 - 2017-03-04 07:24 - 00161280 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-03-15 01:50 - 2017-03-04 07:23 - 00846848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NaturalLanguage6.dll
2017-03-15 01:50 - 2017-03-04 07:23 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\CryptoWinRT.dll
2017-03-15 01:50 - 2017-03-04 07:23 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2017-03-15 01:50 - 2017-03-04 07:23 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2017-03-15 01:50 - 2017-03-04 07:22 - 00579072 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2017-03-15 01:50 - 2017-03-04 07:22 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2017-03-15 01:50 - 2017-03-04 07:19 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-03-15 01:50 - 2017-03-04 07:15 - 00671232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2017-03-15 01:50 - 2017-03-04 07:10 - 01918976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2017-03-15 01:50 - 2017-03-04 07:09 - 01717760 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2017-03-15 01:50 - 2017-03-04 07:08 - 02404352 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-03-15 01:50 - 2017-03-04 07:07 - 01670656 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-03-15 01:50 - 2017-03-04 07:07 - 01382400 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-03-15 01:50 - 2017-03-04 06:57 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
2017-03-15 01:50 - 2017-03-04 06:56 - 02198016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2017-03-15 01:50 - 2017-03-04 06:56 - 01822208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2017-03-15 01:50 - 2017-03-04 06:54 - 00336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2017-03-15 01:50 - 2017-03-04 06:51 - 03420160 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
2017-03-15 01:50 - 2017-03-04 06:51 - 00498176 _____ (Microsoft Corporation) C:\Windows\system32\energy.dll
2017-03-15 01:50 - 2017-03-04 06:43 - 01870848 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-03-15 01:50 - 2017-03-04 06:41 - 00939008 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2017-03-15 01:50 - 2017-03-04 06:41 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2017-03-15 01:50 - 2017-03-04 06:30 - 01467904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2017-03-15 01:50 - 2017-03-04 06:29 - 01984000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-03-15 01:50 - 2017-03-04 06:11 - 01592832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2017-03-15 01:50 - 2017-03-04 06:09 - 00716288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2017-03-15 01:49 - 2017-03-04 10:16 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\dnscmmc.dll
2017-03-15 01:49 - 2017-03-04 09:41 - 00983392 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2017-03-15 01:49 - 2017-03-04 09:37 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\FileHistory.exe
2017-03-15 01:49 - 2017-03-04 09:37 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\fhuxgraphics.dll
2017-03-15 01:49 - 2017-03-04 08:46 - 00178688 _____ (Microsoft Corporation) C:\Windows\system32\vmusrv.dll
2017-03-15 01:49 - 2017-03-04 08:46 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\VmsNetSetupPlugin.dll
2017-03-15 01:49 - 2017-03-04 08:33 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\wpr.exe
2017-03-15 01:49 - 2017-03-04 08:29 - 02446336 _____ C:\Windows\system32\InputService.dll
2017-03-15 01:49 - 2017-03-04 08:11 - 00814592 _____ (Microsoft Corporation) C:\Windows\system32\provcore.dll
2017-03-15 01:49 - 2017-03-04 08:07 - 00326656 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2017-03-15 01:49 - 2017-03-04 08:07 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2017-03-15 01:49 - 2017-03-04 08:07 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2017-03-15 01:49 - 2017-03-04 08:07 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2017-03-15 01:49 - 2017-03-04 08:03 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2017-03-15 01:49 - 2017-03-04 08:02 - 00351232 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2017-03-15 01:49 - 2017-03-04 08:01 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Tabbtn.dll
2017-03-15 01:49 - 2017-03-04 07:43 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2017-03-15 01:49 - 2017-03-04 07:41 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll
2017-03-15 01:49 - 2017-03-04 07:31 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2017-03-15 01:49 - 2017-03-04 07:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\deviceregistration.dll
2017-03-15 01:49 - 2017-03-04 07:27 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinFax.dll
2017-03-15 01:49 - 2017-03-04 07:23 - 00283648 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2017-03-15 01:49 - 2017-03-04 07:22 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2017-03-15 01:49 - 2017-03-04 07:21 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2017-03-15 01:49 - 2017-03-04 07:17 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\WPTaskScheduler.dll
2017-03-15 01:49 - 2017-03-04 07:15 - 00584704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\provcore.dll
2017-03-15 01:49 - 2017-03-04 07:13 - 00279552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2017-03-15 01:49 - 2017-03-04 07:12 - 00243712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2017-03-15 01:49 - 2017-03-04 07:12 - 00215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2017-03-15 01:49 - 2017-03-04 07:12 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
2017-03-15 01:49 - 2017-03-04 07:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2017-03-15 01:49 - 2017-03-04 07:08 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2017-03-15 01:49 - 2017-03-04 07:01 - 14247424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-03-15 01:49 - 2017-03-04 06:57 - 00501760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-03-15 01:49 - 2017-03-04 06:50 - 00277504 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2017-03-15 01:49 - 2017-03-04 06:50 - 00115200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rshx32.dll
2017-03-15 01:49 - 2017-03-04 06:41 - 00285184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CryptoWinRT.dll
2017-03-15 01:49 - 2017-03-04 06:41 - 00167936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2017-03-15 01:49 - 2017-03-04 06:29 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2017-03-15 01:49 - 2017-03-04 06:23 - 12594688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-03-15 01:49 - 2017-03-04 06:23 - 00565760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-03-15 01:48 - 2017-03-04 09:06 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2017-03-15 01:48 - 2017-03-04 08:28 - 00286720 _____ (Microsoft Corporation) C:\Windows\system32\qwave.dll
2017-03-15 01:48 - 2017-03-04 08:26 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\WinFax.dll
2017-03-15 01:48 - 2017-03-04 08:06 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\iassvcs.dll
2017-03-15 01:48 - 2017-03-04 08:03 - 01182208 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2017-03-15 01:48 - 2017-03-04 07:54 - 00089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2017-03-15 01:48 - 2017-03-04 07:54 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\TabbtnEx.dll
2017-03-15 01:48 - 2017-03-04 07:47 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\stdole2.tlb
2017-03-15 01:48 - 2017-03-04 07:36 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\credprovhost.dll
2017-03-15 01:48 - 2017-03-04 07:36 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\rshx32.dll
2017-03-15 01:48 - 2017-03-04 07:28 - 00246784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qwave.dll
2017-03-15 01:48 - 2017-03-04 07:23 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-03-15 01:48 - 2017-03-04 07:22 - 00215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apds.dll
2017-03-15 01:48 - 2017-03-04 07:22 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-03-15 01:48 - 2017-03-04 07:21 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys
2017-03-15 01:48 - 2017-03-04 07:20 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\feclient.dll
2017-03-15 01:48 - 2017-03-04 07:12 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iassvcs.dll
2017-03-15 01:48 - 2017-03-04 07:02 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\ReInfo.dll
2017-03-15 01:48 - 2017-03-04 06:59 - 00740864 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-03-15 01:48 - 2017-03-04 06:57 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\SmiEngine.dll
2017-03-15 01:48 - 2017-03-04 06:57 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stdole2.tlb
2017-03-15 01:48 - 2017-03-04 06:55 - 01844736 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2017-03-15 01:48 - 2017-03-04 06:50 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovhost.dll
2017-03-15 01:48 - 2017-03-04 06:41 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2017-03-15 01:48 - 2017-03-04 06:39 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\feclient.dll
2017-03-15 01:48 - 2017-03-04 06:19 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsku.dll
2017-03-14 21:04 - 2017-04-11 23:25 - 00000000 ____D C:\Program Files\Common Files\AV
2017-03-14 21:02 - 2017-04-11 20:02 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-03-14 20:52 - 2017-03-14 20:52 - 00000000 _____ C:\Users\Teodor\AppData\Local\{F7D72DD5-2F34-44A7-9F74-D0E28F4B6A25}
2017-03-14 20:46 - 2017-03-14 20:50 - 00000080 _____ C:\Users\Teodor\AppData\Roaming\Microsoft\Windows\Start Menu\чTorrent.lnk
2017-03-13 18:05 - 2017-03-14 20:53 - 00002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-13 18:05 - 2017-03-13 18:05 - 00000000 ____D C:\Users\Teodor\AppData\Local\Google
2017-03-12 22:54 - 2017-03-13 01:03 - 00000000 ____D C:\Program Files (x86)\{4276DB5A-150A-4E3D-976F-3F336D9B20FC}
2017-03-12 15:54 - 2017-03-13 01:03 - 00000000 ____D C:\Program Files (x86)\{C9036940-B249-4BBF-82A5-E1B0D8F482D8}
2017-03-12 12:19 - 2017-03-13 01:03 - 00000000 ____D C:\Program Files (x86)\{13421CE0-00EB-44F0-B69C-B966AD59DB66}
2017-03-11 22:54 - 2017-03-13 01:03 - 00000000 ____D C:\Program Files (x86)\{BFEE497F-9207-43CE-98A0-EEAD7094FA6F}
2017-03-11 19:22 - 2017-03-11 19:22 - 00008673 _____ C:\Users\Teodor\Desktop\bookmarks-2017-03-11.json
2017-03-11 17:02 - 2017-03-11 17:02 - 00001098 _____ C:\Windows\system32\.crusader
2017-03-11 15:54 - 2017-03-11 15:54 - 00000000 ____D C:\Program Files (x86)\{52F62E96-63B5-497F-8CE1-C3E63C0F79AF}
2017-03-11 15:28 - 2017-04-01 06:27 - 20827640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2017-03-11 15:28 - 2017-02-23 13:32 - 01985080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437878.dll
2017-03-11 15:28 - 2017-02-23 13:32 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437878.dll
2017-03-11 15:23 - 2017-02-23 21:35 - 00057792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2017-03-11 13:06 - 2017-03-11 17:04 - 00054736 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2017-03-11 13:05 - 2017-03-11 13:45 - 00000000 ____D C:\ProgramData\HitmanPro
2017-03-11 12:57 - 2017-03-22 22:15 - 00000000 ____D C:\AdwCleaner
2017-03-11 12:18 - 2017-04-29 08:52 - 08590988 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-03-11 12:18 - 2017-03-15 00:11 - 00000000 ____D C:\Zemana AntiMalware
2017-03-11 12:18 - 2017-03-15 00:07 - 00104087 _____ C:\Windows\ZAM.krnl.trace
2017-03-11 12:18 - 2017-03-11 12:18 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2017-03-11 12:17 - 2017-03-11 12:17 - 00000000 ____D C:\Users\Teodor\AppData\Local\Zemana
2017-03-11 11:57 - 2017-03-11 15:56 - 00000000 _____ C:\Windows\SysWOW64\4
2017-03-11 11:57 - 2017-03-11 15:56 - 00000000 _____ C:\Windows\SysWOW64\3
2017-03-11 11:53 - 2017-03-11 15:56 - 00000382 _____ C:\Windows\SysWOW64\data.bin
2017-03-11 11:51 - 2017-03-11 11:51 - 00000000 ____D C:\Program Files (x86)\{8F8327C9-89BB-4485-9996-86DE5751FFC5}
2017-03-11 00:17 - 2017-03-11 00:17 - 00536864 _____ C:\Windows\system32\vulkan-1-1-0-42-1.dll
2017-03-11 00:17 - 2017-03-11 00:17 - 00525600 _____ C:\Windows\SysWOW64\vulkan-1-1-0-42-1.dll
2017-03-11 00:17 - 2017-03-11 00:17 - 00254240 _____ C:\Windows\system32\vulkaninfo-1-1-0-42-1.exe
2017-03-11 00:17 - 2017-03-11 00:17 - 00233760 _____ C:\Windows\SysWOW64\vulkaninfo-1-1-0-42-1.exe
2017-03-10 22:55 - 2017-03-10 22:55 - 00000000 ____D C:\Program Files (x86)\MK
2017-03-10 22:54 - 2017-03-13 18:03 - 00034328 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\Drivers\PROCEXP152.SYS
2017-03-10 22:54 - 2017-03-10 23:00 - 00000000 ____D C:\Program Files (x86)\{CA2EF695-81E8-4942-A3E2-3347595C7F32}
2017-03-10 22:42 - 2017-03-10 23:36 - 00000000 ____D C:\Program Files\04IWQICEN3
2017-03-10 22:40 - 2017-03-10 23:36 - 00000000 ____D C:\Program Files\EG6YKB7C8F
2017-03-10 21:54 - 2017-03-10 21:54 - 00000000 ____D C:\Users\Teodor\AppData\Local\Ghetutainantigh
2017-03-10 21:53 - 2017-03-10 21:53 - 00027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2017-03-10 21:53 - 2017-03-10 21:53 - 00000000 ____D C:\Windows\IObit
2017-03-10 21:53 - 2017-03-10 21:53 - 00000000 ____D C:\Users\Teodor\AppData\Roaming\IObit
2017-03-10 21:53 - 2017-03-10 21:53 - 00000000 ____D C:\Users\Teodor\AppData\LocalLow\IObit
2017-03-10 21:53 - 2017-03-10 21:53 - 00000000 ____D C:\Users\Public\Documents\XMUpdate
2017-03-10 21:53 - 2017-03-10 21:53 - 00000000 ____D C:\ProgramData\IObit
2017-03-09 21:55 - 2017-03-09 21:55 - 00132848 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2017-03-09 21:55 - 2017-03-09 21:55 - 00014880 _____ (ESET) C:\Windows\system32\Drivers\eelam.sys
2017-03-07 14:31 - 2017-03-07 15:09 - 00031444 _____ C:\Users\Teodor\ОС.dwg
2017-03-07 13:53 - 2017-04-24 16:42 - 00000000 ____D C:\Users\Teodor\Desktop\oip
2017-03-03 05:35 - 2017-03-03 05:35 - 00193448 _____ C:\Windows\system32\Drivers\cryptfd.sys
2017-02-25 21:06 - 2017-02-26 21:32 - 00000000 ____D C:\Users\Teodor\Documents\FIFA 15
2017-02-25 20:05 - 2017-02-25 20:05 - 00000000 ____D C:\ProgramData\Electronic Arts
2017-02-25 19:58 - 2017-03-14 20:51 - 00000561 _____ C:\Users\Public\Desktop\FIFA 15.lnk
2017-02-25 19:58 - 2017-02-25 19:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 15
2017-02-25 19:05 - 2017-03-24 00:18 - 00000000 ____D C:\Users\Teodor\Desktop\razni
2017-02-19 16:49 - 2017-02-19 16:49 - 00000000 ____D C:\Users\Teodor\AppData\Roaming\NVIDIA
2017-02-16 02:36 - 2017-04-23 01:32 - 00001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-02-16 02:36 - 2017-03-28 06:32 - 01882048 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-02-16 02:36 - 2017-03-28 06:32 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2017-02-16 02:36 - 2017-03-28 06:32 - 01472960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-02-16 02:36 - 2017-03-28 06:32 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-02-16 02:36 - 2017-03-28 06:32 - 00121280 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2017-02-16 02:36 - 2017-03-11 15:23 - 00000000 ____D C:\Users\Teodor\AppData\Local\NVIDIA Corporation
2017-02-16 02:36 - 2017-02-16 02:37 - 00000000 ____D C:\Users\Teodor\AppData\Local\NVIDIA
2017-02-16 02:36 - 2017-02-16 02:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-02-16 02:35 - 2017-04-29 08:46 - 00000000 ____D C:\ProgramData\NVIDIA
2017-02-16 02:35 - 2017-04-23 01:32 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-02-16 02:35 - 2017-04-01 05:10 - 06437312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-02-16 02:35 - 2017-04-01 05:10 - 02481208 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-02-16 02:35 - 2017-04-01 05:10 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-02-16 02:35 - 2017-04-01 05:10 - 00549944 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-02-16 02:35 - 2017-04-01 05:10 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-02-16 02:35 - 2017-04-01 05:10 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-02-16 02:35 - 2017-04-01 05:10 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-02-16 02:35 - 2017-03-31 13:15 - 07851747 _____ C:\Windows\system32\nvcoproc.bin
2017-02-16 02:35 - 2017-02-10 05:33 - 00512960 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2017-02-16 02:35 - 2017-02-10 05:33 - 00418752 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2017-02-16 02:34 - 2017-04-23 01:34 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-16 02:33 - 2017-04-03 17:49 - 14841784 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-02-16 02:33 - 2017-04-01 06:27 - 04085712 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-02-16 02:33 - 2017-04-01 06:27 - 03602296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-02-16 02:33 - 2017-04-01 06:27 - 00045061 _____ C:\Windows\system32\nvinfo.pb
2017-02-16 02:33 - 2017-03-28 06:32 - 00047552 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2017-02-16 02:33 - 2017-02-23 21:35 - 00046016 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\SET16C7.tmp
2017-02-16 02:33 - 2017-02-10 05:33 - 01983424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437866.dll
2017-02-16 02:33 - 2017-02-10 05:33 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437866.dll
2017-02-16 02:32 - 2017-04-23 01:32 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-02-16 02:23 - 2017-02-16 02:25 - 00000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2017-02-13 16:18 - 2017-02-13 16:18 - 00000000 ____D C:\Program Files\Bonjour
2017-02-13 16:18 - 2017-02-13 16:18 - 00000000 ____D C:\Program Files (x86)\Bonjour
2017-01-30 21:16 - 2017-04-29 08:46 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat

==================== Three Months Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-29 08:51 - 2016-10-13 20:08 - 00004208 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{387B81FF-15E0-4FC1-B591-8382927F625D}
2017-04-29 08:50 - 2015-07-31 01:42 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-29 08:49 - 2015-07-31 01:42 - 00000000 ____D C:\Windows\AppReadiness
2017-04-29 08:48 - 2016-11-19 04:28 - 00000000 ____D C:\Users\Teodor\AppData\LocalLow\Mozilla
2017-04-29 08:48 - 2016-08-25 20:58 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2017-04-29 08:47 - 2016-11-29 17:04 - 00000000 ____D C:\Program Files (x86)\Steam
2017-04-29 08:46 - 2016-09-23 17:44 - 00000936 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-04-29 08:46 - 2016-08-25 20:19 - 00000000 __SHD C:\Users\Teodor\IntelGraphicsProfiles
2017-04-28 13:06 - 2016-09-23 17:44 - 00000940 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-04-27 18:30 - 2016-08-25 19:57 - 00000000 ____D C:\Users\Teodor\AppData\Local\Packages
2017-04-27 18:09 - 2016-09-23 17:44 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-04-27 00:49 - 2016-08-25 20:23 - 00000000 ____D C:\Users\Teodor\AppData\Roaming\uTorrent
2017-04-26 21:38 - 2016-08-26 20:41 - 00000000 ____D C:\KMPlayer
2017-04-26 17:34 - 2017-01-28 19:04 - 00000000 ____D C:\ProgramData\Oracle
2017-04-26 17:34 - 2017-01-28 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-04-26 17:34 - 2017-01-28 19:04 - 00000000 ____D C:\Program Files (x86)\Java
2017-04-26 17:33 - 2017-01-28 19:05 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2017-04-25 10:29 - 2016-11-18 20:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-04-25 10:29 - 2016-08-25 20:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-04-23 01:56 - 2016-09-07 09:09 - 00000000 ____D C:\Users\Teodor\Desktop\snimki
2017-04-23 01:32 - 2017-01-28 20:19 - 00004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-23 01:32 - 2017-01-28 20:19 - 00003994 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-23 01:32 - 2017-01-28 20:18 - 00003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-23 01:32 - 2017-01-28 20:18 - 00003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-23 01:32 - 2017-01-28 20:18 - 00003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-23 01:32 - 2017-01-28 20:18 - 00003696 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-23 01:32 - 2017-01-28 20:18 - 00003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-23 01:32 - 2015-07-31 01:40 - 00000000 ____D C:\Windows\INF
2017-04-16 05:40 - 2016-08-25 19:57 - 00000000 ____D C:\Users\Teodor
2017-04-15 10:56 - 2016-08-29 20:57 - 00000000 ____D C:\Users\Teodor\AppData\Roaming\Samsung
2017-04-15 10:56 - 2016-08-29 20:43 - 00000000 ____D C:\ProgramData\Samsung
2017-04-15 10:56 - 2016-08-29 20:43 - 00000000 ____D C:\Program Files (x86)\Samsung
2017-04-15 10:56 - 2016-08-25 21:07 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-04-15 10:53 - 2016-08-29 20:44 - 00000000 ____D C:\Program Files\Samsung
2017-04-15 10:47 - 2015-07-31 00:52 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-04-14 21:04 - 2015-07-31 01:42 - 00000000 ____D C:\Windows\rescache
2017-04-14 21:02 - 2016-08-25 21:28 - 00000000 ____D C:\Users\Teodor\AppData\Local\Downloaded Installations
2017-04-13 10:19 - 2016-08-29 20:55 - 00875758 _____ C:\Windows\system32\perfh002.dat
2017-04-13 10:19 - 2016-08-29 20:55 - 00278252 _____ C:\Windows\system32\perfc002.dat
2017-04-13 10:19 - 2016-08-25 19:58 - 00006024 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-12 20:17 - 2016-08-27 10:27 - 00000000 ____D C:\Users\Teodor\AppData\Roaming\Skype
2017-04-12 10:48 - 2016-08-31 02:22 - 00000000 ____D C:\Users\Teodor\AppData\Local\Adobe
2017-04-12 10:48 - 2016-08-25 19:57 - 00000000 ____D C:\Users\Teodor\AppData\Roaming\Adobe
2017-04-12 09:45 - 2015-07-10 12:05 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-04-12 09:42 - 2015-07-31 01:42 - 00000000 ___HD C:\Windows\ELAMBKUP
2017-04-12 09:35 - 2015-09-10 08:28 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-12 09:32 - 2017-01-23 13:08 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-04-12 09:32 - 2017-01-23 13:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-04-12 09:32 - 2015-07-31 00:49 - 00468304 _____ C:\Windows\system32\FNTCACHE.DAT
2017-04-12 00:20 - 2015-07-31 01:42 - 00000000 ___SD C:\Windows\SysWOW64\F12
2017-04-12 00:20 - 2015-07-31 01:42 - 00000000 ___SD C:\Windows\system32\F12
2017-04-12 00:19 - 2015-07-31 01:42 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-04-12 00:19 - 2015-07-31 01:42 - 00000000 ___RD C:\Windows\DevicesFlow
2017-04-12 00:19 - 2015-07-31 01:42 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-04-12 00:19 - 2015-07-31 01:42 - 00000000 ____D C:\Program Files\Windows Defender
2017-04-12 00:19 - 2015-07-31 01:42 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-04-12 00:19 - 2015-07-31 01:42 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-11 23:35 - 2016-08-26 08:28 - 00000000 ____D C:\Windows\system32\MRT
2017-04-11 23:31 - 2017-01-23 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-04-11 23:31 - 2016-08-26 08:28 - 148601744 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-04-11 23:29 - 2015-07-31 01:25 - 00000000 ____D C:\Windows\CbsTemp
2017-04-11 23:19 - 2015-07-31 01:42 - 00000167 _____ C:\Windows\win.ini
2017-04-11 20:01 - 2015-07-10 12:05 - 00032768 ___SH C:\Windows\system32\config\ELAM
2017-04-11 16:35 - 2016-08-26 07:31 - 00000000 ____D C:\Users\Teodor\AppData\Local\CrashDumps
2017-04-11 15:37 - 2016-10-30 18:45 - 00004386 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-04-11 15:37 - 2015-07-31 01:42 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-04-11 15:37 - 2015-07-31 01:42 - 00000000 ____D C:\Windows\system32\Macromed
2017-04-08 19:06 - 2016-08-25 21:09 - 00000000 ____D C:\temp
2017-04-08 01:06 - 2016-08-26 08:30 - 00532136 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-04-07 00:29 - 2016-10-04 20:09 - 00000000 ____D C:\Users\Teodor\Documents\Visual Studio 2013
2017-04-05 21:57 - 2016-10-22 16:02 - 00000000 ____D C:\Users\Teodor\AppData\Local\Microsoft Help
2017-04-01 21:54 - 2015-07-31 01:43 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-04-01 21:54 - 2015-07-31 01:43 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-01 19:53 - 2016-10-08 14:05 - 00000715 _____ C:\Users\Teodor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RaidCall.lnk
2017-04-01 19:53 - 2016-10-08 14:05 - 00000518 _____ C:\Users\Teodor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uninstall RaidCall.lnk
2017-03-31 18:40 - 2016-09-23 17:48 - 00000000 ___RD C:\Users\Teodor\Dropbox

==================== Files in the root of some directories =======

2016-06-17 09:54 - 2016-06-17 09:54 - 0004454 _____ () C:\Users\Teodor\AppData\Roaming\90ms-RKSJ-V
2016-06-17 09:53 - 2016-06-17 09:53 - 0000130 _____ () C:\Users\Teodor\AppData\Roaming\boolean_single.js
2016-06-17 09:53 - 2016-06-17 09:53 - 0002844 _____ () C:\Users\Teodor\AppData\Roaming\bt_unselected.png
2016-06-17 09:53 - 2016-06-17 09:53 - 0000569 _____ () C:\Users\Teodor\AppData\Roaming\but-prev.png
2016-10-24 18:26 - 2016-11-21 14:41 - 3484607 _____ () C:\Users\Teodor\AppData\Roaming\cached-microdescs
2016-06-17 09:53 - 2016-06-17 09:53 - 0000960 _____ () C:\Users\Teodor\AppData\Roaming\chunk.sections.xml
2008-09-04 10:00 - 2008-09-04 10:00 - 0414958 _____ () C:\Users\Teodor\AppData\Roaming\Phraseology.Ycq
2009-05-13 10:00 - 2009-05-13 10:00 - 0271196 _____ () C:\Users\Teodor\AppData\Roaming\Quinquennium.Hq6
2012-03-10 11:00 - 2012-03-10 11:00 - 0417469 _____ () C:\Users\Teodor\AppData\Roaming\Tachypnea.M
2016-08-30 01:53 - 2016-11-10 20:54 - 0007593 _____ () C:\Users\Teodor\AppData\Local\Resmon.ResmonCfg
2017-03-14 20:52 - 2017-03-14 20:52 - 0000000 _____ () C:\Users\Teodor\AppData\Local\{F7D72DD5-2F34-44A7-9F74-D0E28F4B6A25}
2016-08-25 20:28 - 2016-08-25 20:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-11-03 15:24 - 2016-11-03 15:24 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2016-12-17 15:27 - 2017-01-26 14:04 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-17 15:27 - 2017-01-26 12:28 - 0007497 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

Files to move or delete:
====================
C:\Windows\Temp\AsInsWizMonitor.exe


Some files in TEMP:
====================
2017-04-26 17:32 - 2017-04-26 17:32 - 0739904 _____ (Oracle Corporation) C:\Users\Teodor\AppData\Local\Temp\jre-8u131-windows-au.exe
2017-03-25 22:10 - 2017-03-25 22:10 - 4787200 _____ () C:\Users\Teodor\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Firmware Boot Manager
---------------------
identifier              {fwbootmgr}
displayorder            {bootmgr}
                        {4e8da42d-4703-11e5-a548-89e75332eed2}
                        {4e8da42c-4703-11e5-a548-89e75332eed2}
timeout                 1

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume2
path                    \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI
description             Windows Boot Manager
locale                  bg-BG
inherit                 {globalsettings}
default                 {current}
resumeobject            {4e8da42f-4703-11e5-a548-89e75332eed2}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Firmware Application (101fffff)
-------------------------------
identifier              {4e8da42c-4703-11e5-a548-89e75332eed2}
description             CD/DVD Drive

Firmware Application (101fffff)
-------------------------------
identifier              {4e8da42d-4703-11e5-a548-89e75332eed2}
description             Hard Drive

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.efi
description             Windows 10
locale                  bg-BG
inherit                 {bootloadersettings}
recoverysequence        {4e8da431-4703-11e5-a548-89e75332eed2}
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \Windows
resumeobject            {4e8da42f-4703-11e5-a548-89e75332eed2}
nx                      OptIn
bootmenupolicy          Standard
hypervisorlaunchtype    Auto

Windows Boot Loader
-------------------
identifier              {4e8da431-4703-11e5-a548-89e75332eed2}
device                  ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{4e8da432-4703-11e5-a548-89e75332eed2}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
locale                  bg-BG
inherit                 {bootloadersettings}
displaymessage          Recovery
displaymessageoverride  Recovery
osdevice                ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{4e8da432-4703-11e5-a548-89e75332eed2}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes

Resume from Hibernate
---------------------
identifier              {4e8da42f-4703-11e5-a548-89e75332eed2}
device                  partition=C:
path                    \Windows\system32\winresume.efi
description             Windows Resume Application
locale                  bg-BG
inherit                 {resumeloadersettings}
recoverysequence        {4e8da431-4703-11e5-a548-89e75332eed2}
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=\Device\HarddiskVolume2
path                    \EFI\Microsoft\Boot\memtest.efi
description             Windows Memory Diagnostic
locale                  bg-BG
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 No

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {4e8da432-4703-11e5-a548-89e75332eed2}
description             Windows Recovery
ramdisksdidevice        partition=\Device\HarddiskVolume1
ramdisksdipath          \Recovery\WindowsRE\boot.sdi


LastRegBack: 2017-04-20 13:31

==================== End of FRST.txt ============================

Addition.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте,

Явно колегите са заети. В логовете вируси не видях, освен, че сте използвали доста смотан активатор.

А иначе в какво се състоят проблемите ви за да знам дали темата е за този раздел или да я преместя?

Поздрави!

  • Харесва ми 2

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 13 часа, B-boy/StyLe/ написа:

Здравейте,

Явно колегите са заети. В логовете вируси не видях, освен, че сте използвали доста смотан активатор.

А иначе в какво се състоят проблемите ви за да знам дали темата е за този раздел или да я преместя?

Поздрави!

Постоянно ми излизат известия че някакви адреси са блокирани ,а дефакто никъде не влизам и понякога ми се инсталират сами програми и много рекламни вируси имах и тем подобни и по всякакъв начин се опитвах да ги премахна но не става и не става,стоят си

Редактирано от tterziew
забравих да цитирам (преглед на промените)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Коя програма блокира адреси - Malwarebytes? При нея в 99% от случаите това не означава заразяване (особено ако се използва utorrent).

А кои са програмите, които не можахте да премахнете, защото поне на бърз преглед не откривам особени проблеми в логовете. Видях главно някакви неактивни остатъци в Task Scheduler и в msconfig (забранени записи да стартират с Windows).

Видях, че имате Malwarebytes. Обновете дефинициите и направете бърза проверка (Threat Scan) и публикувайте резултатите от проверката. После ще напиша скрипт за премахване на остатъците от логовете.

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 1 час, B-boy/StyLe/ написа:

Коя програма блокира адреси - Malwarebytes? При нея в 99% от случаите това не означава заразяване (особено ако се използва utorrent).

А кои са програмите, които не можахте да премахнете, защото поне на бърз преглед не откривам особени проблеми в логовете. Видях главно някакви неактивни остатъци в Task Scheduler и в msconfig (забранени записи да стартират с Windows).

Видях, че имате Malwarebytes. Обновете дефинициите и направете бърза проверка (Threat Scan) и публикувайте резултатите от проверката. После ще напиша скрипт за премахване на остатъците от логовете.

този път нищо не намери,но след ден-два ще има пак ,макар че и сега ми дава че блокирва антивирусната някакви сайтове.


Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 15 часа, tterziew написа:

този път нищо не намери,но след ден-два ще има пак ,макар че и сега ми дава че блокирва антивирусната някакви сайтове.

Добре, де! нали в пост №4  ви бе обяснено всичко и най - вече: "макар че и сега ми дава че блокирва антивирусната някакви сайтове." т.е. че това не означава зараза! 

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Ето скрипта за да премахнем остатъците, както бях обещал:

Изтеглете edit-text.giffixlist.txt и го запазете на десктопа.
Стартирайте FRST.exe и натиснете бутона Fix веднъж!
След като приключи, ако ви поиска рестарт - съгласете се. След рестарта публикувайте лог файла - fixlog.txt, който ще се създаде след работата на програмата.
 
Внимание: Скрипта е създаден за текущата система. Да не се ползва за други системи с подобни проблеми!

Поздрави!

  • Харесва ми 2

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 18 часа, B-boy/StyLe/ написа:

Ето скрипта за да премахнем остатъците, както бях обещал:

Изтеглете edit-text.giffixlist.txt и го запазете на десктопа.
Стартирайте FRST.exe и натиснете бутона Fix веднъж!
След като приключи, ако ви поиска рестарт - съгласете се. След рестарта публикувайте лог файла - fixlog.txt, който ще се създаде след работата на програмата.
 
Внимание: Скрипта е създаден за текущата система. Да не се ползва за други системи с подобни проблеми!

Поздрави!

 

Fixlog.txt

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Остана още малко работа:

Изтеглете edit-text.giffixlist.txt и го запазете на десктопа.
Стартирайте FRST.exe и натиснете бутона Fix веднъж!
След като приключи, ако ви поиска рестарт - съгласете се. След рестарта публикувайте лог файла - fixlog.txt, който ще се създаде след работата на програмата.
 
Внимание: Скрипта е създаден за текущата система. Да не се ползва за други системи с подобни проблеми!

След това пишете как е положението! ;)

Поздрави!

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 27 минути, B-boy/StyLe/ написа:

Остана още малко работа:

Изтеглете edit-text.giffixlist.txt и го запазете на десктопа.
Стартирайте FRST.exe и натиснете бутона Fix веднъж!
След като приключи, ако ви поиска рестарт - съгласете се. След рестарта публикувайте лог файла - fixlog.txt, който ще се създаде след работата на програмата.
 
Внимание: Скрипта е създаден за текущата система. Да не се ползва за други системи с подобни проблеми!

След това пишете как е положението! ;)

Поздрави!

 

Fixlog.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

ами мисля че всичко е точно ,Мерси много!

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Регистрирайте се или влезете в профила си за да коментирате

Трябва да имате регистрация за да може да коментирате това

Регистрирайте се

Създайте нова регистрация в нашия форум. Лесно е!

Нова регистрация

Вход

Имате регистрация? Влезте от тук.

Вход

  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

  • Горещи теми в момента

  • Подобни теми

    • от Йорданка Т. Иванова
      Здравейте, при опит за възстановяване на системата към предишна дата, Avast направи пълно сканиране на компютъра и ми премести в клетка заразените файлове.
      Има ли възможност да се почисти компютъра от въпросните заплахи и съответно да си възстановя файловете, най-вече тези /ако има такива/, които са необходими за правилното функциониране на системата.
      П.П.: Пълен лаик съм на тема антивирусни програми.
      Нов Microsoft Office PowerPoint Presentation.pptx


      Ето го резултата от файла FRST
       
      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24.10.2018
      Ran by Rosko (administrator) on ROSKO-PC (28-10-2018 14:36:09)
      Running from C:\Users\Rosko\Downloads
      Loaded Profiles: Rosko (Available Profiles: Rosko)
      Platform: Windows 7 Ultimate (X64) Language: Български (България)
      Internet Explorer Version 8 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
      (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
      (Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.6.2.147365.0\BAVSvc.exe
      (Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.6.2.147365.0\BHipsSvc.exe
      (Intel) C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe
      (Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
      (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
      (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
      (Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.6.2.147365.0\BavTray.exe
      (Intel) C:\Program Files (x86)\Intel Driver Update Utility\DSATray.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
      () C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
      (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
      () C:\Program Files (x86)\CalendarTool\2.0.0.1000176\CalendarServ.exe
      () C:\Program Files (x86)\CalendarTool\2.0.0.1000176\calendar.exe
      (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
      (Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.6.2.147365.0\bavhm.exe
      (Intel Corporation) C:\Windows\System32\igfxEM.exe
      (Intel Corporation) C:\Windows\System32\igfxHK.exe
      (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
      () C:\Program Files\Intel\SUR\QUEENCREEK\esrv.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      () C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
      () C:\Program Files\Intel\SUR\QUEENCREEK\esrv.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Baidu Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bavadvtools2\8C8AEEC1-5166-4CE7-BBAD-7C37409D0C73\tool\bdMiniDownloaderGB_BAV-Mini_32_1002.exe
      (Baidu Inc.) C:\Users\Rosko\AppData\Local\MiniService\MiniService.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Viber Media S.à r.l.) C:\Users\Rosko\AppData\Local\Viber\Viber.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      ==================== Registry (Whitelisted) ===========================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778352 2014-01-24] (Synaptics Incorporated)
      HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor)
      HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-10-18] (AVAST Software)
      HKLM-x32\...\Run: [Baidu Antivirus] => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.6.2.147365.0\BavTray.exe [2553328 2015-07-14] (Baidu, Inc.)
      HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver Update Utility\DsaTray.exe [132856 2017-05-18] (Intel)
      HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [133760 2013-12-24] (Qualcomm®Atheros®)
      HKU\S-1-5-21-749869763-3409154425-2811610640-1000\...\Run: [Viber] => C:\Users\Rosko\AppData\Local\Viber\Viber.exe [36762184 2018-10-22] (Viber Media S.à r.l.)
      HKU\S-1-5-21-749869763-3409154425-2811610640-1000\...\MountPoints2: {c4a92fbb-e173-11e7-9426-f8a963743fcb} - G:\LG_PC_Programs.exe
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      Tcpip\Parameters: [DhcpNameServer] 172.16.1.1
      Tcpip\..\Interfaces\{2FB69C23-4CBD-4252-994A-27D31EDC0D6D}: [DhcpNameServer] 172.16.1.1
      Internet Explorer:
      ==================
      HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
      HKU\S-1-5-21-749869763-3409154425-2811610640-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      HKU\S-1-5-21-749869763-3409154425-2811610640-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
      HKU\S-1-5-21-749869763-3409154425-2811610640-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
      Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
      Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)
      Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
      Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)
      FireFox:
      ========
      FF DefaultProfile: 2csmqmsd.default
      FF ProfilePath: C:\Users\Rosko\AppData\Roaming\Mozilla\Firefox\Profiles\2csmqmsd.default [2018-07-05]
      FF Homepage: Mozilla\Firefox\Profiles\2csmqmsd.default -> about:blank
      FF Extension: (Avast SafePrice) - C:\Users\Rosko\AppData\Roaming\Mozilla\Firefox\Profiles\2csmqmsd.default\Extensions\sp@avast.com.xpi [2018-10-18]
      FF Extension: (Avast Online Security) - C:\Users\Rosko\AppData\Roaming\Mozilla\Firefox\Profiles\2csmqmsd.default\Extensions\wrc@avast.com.xpi [2018-10-18]
      FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll [2018-10-09] ()
      FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-10-09] ()
      FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
      FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
      FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2015-08-18] (Sun Microsystems, Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
      FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
      FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
      FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\enpsysau.js [2017-09-10]
      Chrome: 
      =======
      CHR DefaultProfile: Default
      CHR Profile: C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\Default [2018-10-28]
      CHR Extension: (Презентации) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-02]
      CHR Extension: (Документи) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-02]
      CHR Extension: (Google Диск) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-02]
      CHR Extension: (YouTube) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-02]
      CHR Extension: (Adobe Acrobat) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-10-02]
      CHR Extension: (Avast SafePrice | Сравнение, сделки, купони) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-10-19]
      CHR Extension: (Таблици) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-02]
      CHR Extension: (Google Документи офлайн) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-08]
      CHR Extension: (АБВ Уведомител) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\Default\Extensions\glkfpmcniebkbeakjdpobddpjghbapec [2018-10-28]
      CHR Extension: (Avast Online Security) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-10-18]
      CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-02]
      CHR Extension: (Gmail) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-10-02]
      CHR Extension: (Chrome Media Router) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-28]
      CHR Profile: C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\lejutplovshprohey [2018-10-28] <==== ATTENTION
      CHR Extension: (Презентации) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-23]
      CHR Extension: (Документи) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-23]
      CHR Extension: (Google Диск) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
      CHR Extension: (YouTube) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
      CHR Extension: (Google Търсене) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
      CHR Extension: (АБВ Уведомител) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\cpbekonjicgkldkmopnamgglbfaiojje [2015-11-25]
      CHR Extension: (Adobe Acrobat) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-08]
      CHR Extension: (Таблици) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-11]
      CHR Extension: (Farmville2 X-Press) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\gbgjpdhhnbgmnafojckjmjogcpoinlim [2018-10-24]
      CHR Extension: (Google Документи офлайн) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
      CHR Extension: (Avast Online Security) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-10-18]
      CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-12]
      CHR Extension: (Gmail) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-23]
      CHR Extension: (Chrome Media Router) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-01]
      CHR HKU\S-1-5-21-749869763-3409154425-2811610640-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
      ==================== Services (Whitelisted) ====================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-10-18] (AVAST Software)
      R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [318592 2013-12-24] (Windows (R) Win 7 DDK provider) [File not signed]
      R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-10-18] (AVAST Software)
      R2 BavSvc; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.6.2.147365.0\BavSvc.exe [2805208 2015-07-14] (Baidu, Inc.)
      S3 BdSandboxSrv; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.6.2.147365.0\BdSandboxSrv64.exe [490480 2015-04-29] (Baidu, Inc.)
      R2 BHipsSvc; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.6.2.147365.0\BHipsSvc.exe [544032 2015-07-14] (Baidu, Inc.)
      S3 BsrSvc; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavAdvTools2\128B4BEC-5D89-43AD-BAA8-207084AA0E4F\tool\BsrSvc.exe [3503416 2015-07-08] (Baidu, Inc.)
      R2 DSAService; C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe [21240 2017-05-18] (Intel)
      R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [824592 2017-03-07] ()
      R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
      R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
      S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
      R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
      R2 MiniService; C:\Users\Rosko\AppData\Local\MiniService\MiniService.exe [103616 2018-10-28] (Baidu Inc.) [File not signed] <==== ATTENTION
      R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [157456 2017-03-07] ()
      R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-09-10] (TeamViewer GmbH)
      R2 TheCalendarService; C:\Program Files (x86)\CalendarTool\2.0.0.1000176\CalendarServ.exe [152720 2017-08-09] ()
      S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [824592 2017-03-07] ()
      R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
      ===================== Drivers (Whitelisted) ======================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      S3 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [201408 2018-10-18] (AVAST Software)
      S3 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [230512 2018-10-18] (AVAST Software)
      S3 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201928 2018-10-18] (AVAST Software)
      S3 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346760 2018-10-18] (AVAST Software)
      S3 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59664 2018-10-18] (AVAST Software)
      R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [185240 2018-10-18] (AVAST Software)
      S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [47064 2018-10-18] (AVAST Software)
      R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42456 2018-10-18] (AVAST Software)
      R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163376 2018-10-18] (AVAST Software)
      S3 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111968 2018-10-18] (AVAST Software)
      R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88112 2018-10-18] (AVAST Software)
      S3 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1028840 2018-10-18] (AVAST Software)
      R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467904 2018-10-18] (AVAST Software)
      S3 aswStm; C:\Windows\System32\drivers\aswStm.sys [208640 2018-10-18] (AVAST Software)
      S3 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381144 2018-10-18] (AVAST Software)
      U3 BdApiUtil; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.6.2.147365.0\BdApiUtil64.sys [116936 2015-07-14] (Baidu, Inc.)
      R3 bdark64; C:\Windows\system32\drivers\bdark64.sys [78792 2015-04-20] ()
      U3 BdCameraProtect; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.6.2.147365.0\BdCameraProtect64.sys [25000 2015-07-14] (Baidu, Inc.)
      S3 BdSandbox; C:\Windows\System32\drivers\BdSandbox.sys [235976 2015-04-29] (Baidu, Inc.)
      R1 Bfilter; C:\Windows\System32\drivers\Bfilter.sys [62920 2015-07-14] (Baidu, Inc.)
      R1 Bfmon; C:\Windows\System32\drivers\Bfmon.sys [38344 2015-07-14] (Baidu, Inc.)
      R1 Bnbase; C:\Windows\System32\drivers\bnbasex64.sys [62792 2015-07-14] (Baidu, Inc.)
      R1 Bndef; C:\Windows\System32\drivers\bndef64.sys [487144 2015-07-14] (Baidu, Inc.)
      R3 Bnmon; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.6.2.147365.0\Bnmon64.sys [82376 2015-07-14] (Baidu, Inc.)
      R1 Bprotect; C:\Windows\System32\drivers\Bprotect.sys [171464 2015-07-14] (Baidu, Inc.)
      S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-12-24] (Qualcomm Atheros)
      R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-08-08] (REALiX(tm))
      R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
      R3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [466136 2014-01-14] (Realsil Semiconductor Corporation)
      R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
      U3 aswbdisk; no ImagePath
      U0 Partizan; system32\drivers\Partizan.sys [X]
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One Month Created files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-10-28 14:35 - 2018-10-28 14:36 - 000000000 ____D C:\FRST
      2018-10-28 14:35 - 2018-10-28 14:35 - 002414592 _____ (Farbar) C:\Users\Rosko\Downloads\FRST64.exe
      2018-10-28 14:28 - 2018-10-28 14:36 - 000021836 _____ C:\Users\Rosko\Downloads\FRST.txt
      2018-10-28 14:26 - 2018-10-28 14:27 - 000020080 _____ C:\Users\Rosko\Downloads\Addition.txt
      2018-10-28 13:34 - 2018-10-28 13:34 - 000000000 ____D C:\Users\Rosko\AppData\Local\MiniService
      2018-10-28 13:29 - 2018-10-28 13:32 - 000000000 ____D C:\ProgramData\BsrSvc_exe
      2018-10-28 13:19 - 2018-10-28 13:20 - 000617400 _____ C:\Users\Rosko\Desktop\Нов Microsoft Office PowerPoint Presentation.pptx
      2018-10-28 12:40 - 2018-10-28 13:16 - 000000000 ____D C:\ProgramData\BavSvc_exe
      2018-10-28 12:37 - 2018-10-28 12:37 - 000000000 ____D C:\Users\Rosko\AppData\Local\Viber
      2018-10-28 09:17 - 2018-10-28 11:16 - 000000000 ____D C:\Users\Rosko\Desktop\официялни споразумения 2018-2019г
      2018-10-26 17:03 - 2018-10-26 17:03 - 000102327 _____ C:\Users\Rosko\Downloads\П-03001718127835-177-001_archive (1).zip
      2018-10-24 10:41 - 2018-10-24 10:41 - 000000000 ____D C:\Users\Rosko\AppData\Roaming\AVAST Software
      2018-10-24 10:39 - 2018-10-24 10:39 - 000611358 _____ C:\Users\Rosko\Downloads\379984975 (1).pdf
      2018-10-24 10:32 - 2018-10-28 12:37 - 000000000 ____D C:\Users\Rosko\AppData\Local\AVAST Software
      2018-10-22 15:05 - 2018-10-22 15:06 - 000103383 _____ C:\Users\Rosko\Downloads\П-03001718185275-040-001_archive.zip
      2018-10-20 07:48 - 2018-10-20 07:48 - 000230931 _____ C:\Users\Rosko\Downloads\ЗП Ростислав Недков 19.10 (1).pdf
      2018-10-20 07:40 - 2018-10-20 07:40 - 000230931 _____ C:\Users\Rosko\Downloads\ЗП Ростислав Недков 19.10.pdf
      2018-10-19 08:51 - 2018-10-19 08:51 - 002437339 _____ C:\Users\Rosko\Downloads\dec92_2016_1010_баркод_с_ръководство_за_потребителя.rar
      2018-10-18 18:17 - 2018-10-18 18:17 - 000665976 _____ C:\Users\Rosko\Downloads\Re6enie_VAS_27.02.2018 (1).pdf
      2018-10-18 11:52 - 2018-10-18 11:52 - 000039854 _____ C:\Users\Rosko\Downloads\nlnazadyljenia[1] (1).pdf
      2018-10-18 10:16 - 2018-10-18 10:16 - 000001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
      2018-10-18 10:16 - 2018-10-18 10:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
      2018-10-18 10:15 - 2018-10-18 10:15 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
      2018-10-18 10:14 - 2018-10-26 00:45 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
      2018-10-18 10:13 - 2018-10-18 10:13 - 001142072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
      2018-10-18 10:13 - 2018-10-18 10:13 - 000467904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
      2018-10-18 10:13 - 2018-10-18 10:13 - 000381144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
      2018-10-18 10:13 - 2018-10-18 10:13 - 000378584 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
      2018-10-18 10:13 - 2018-10-18 10:13 - 000208640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
      2018-10-18 10:13 - 2018-10-18 10:13 - 000201408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
      2018-10-18 10:13 - 2018-10-18 10:13 - 000163376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
      2018-10-18 10:13 - 2018-10-18 10:13 - 000111968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
      2018-10-18 10:13 - 2018-10-18 10:13 - 000088112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
      2018-10-18 10:13 - 2018-10-18 10:13 - 000047064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
      2018-10-18 10:13 - 2018-10-18 10:13 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
      2018-10-18 10:13 - 2018-10-18 10:12 - 001028840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
      2018-10-18 10:13 - 2018-10-18 10:12 - 001001272 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
      2018-10-18 10:13 - 2018-10-18 10:12 - 000346760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
      2018-10-18 10:13 - 2018-10-18 10:12 - 000230512 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
      2018-10-18 10:13 - 2018-10-18 10:12 - 000201928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
      2018-10-18 10:13 - 2018-10-18 10:12 - 000185240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
      2018-10-18 10:13 - 2018-10-18 10:12 - 000059664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
      2018-10-18 10:13 - 2018-10-18 10:12 - 000042456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
      2018-10-18 10:11 - 2018-10-18 11:43 - 000000000 ____D C:\ProgramData\AVAST Software
      2018-10-18 10:11 - 2018-10-18 10:11 - 000000000 ____D C:\Program Files\AVAST Software
      2018-10-18 10:09 - 2018-10-18 16:40 - 000000000 ____D C:\Users\Rosko\Documents\ViberDownloads
      2018-10-18 10:09 - 2018-10-18 10:09 - 000000000 ____D C:\Users\Rosko\AppData\Local\Viber Media S.à r.l
      2018-10-18 10:08 - 2018-10-28 13:47 - 000000000 ____D C:\Users\Rosko\AppData\Roaming\ViberPC
      2018-10-18 10:08 - 2018-10-18 10:08 - 000000956 _____ C:\Users\Rosko\AppData\Roaming\Microsoft\Windows\Start Menu\Viber.lnk
      2018-10-18 10:08 - 2018-10-18 10:08 - 000000954 _____ C:\Users\Rosko\Desktop\Viber.lnk
      2018-10-18 10:08 - 2018-10-18 10:08 - 000000000 ____D C:\Users\Rosko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber
      2018-10-18 10:08 - 2018-10-18 10:08 - 000000000 ____D C:\Users\Rosko\AppData\Local\cache
      2018-10-18 10:07 - 2018-10-18 10:07 - 000000000 ____D C:\Users\Rosko\AppData\Local\Package Cache
      2018-10-18 10:06 - 2018-10-18 10:07 - 089186064 _____ (Viber Media Inc.) C:\Users\Rosko\Downloads\ViberSetup.exe
      2018-10-17 22:33 - 2018-10-17 22:33 - 000267977 _____ C:\Users\Rosko\Downloads\danuchno_oblagane_vnoski_na_zemedelski_proizvoditeli (4).pdf
      2018-10-17 22:08 - 2018-10-17 22:09 - 000749389 _____ C:\Users\Rosko\Downloads\Нов Презентация на Microsoft PowerPoint (2).pptx
      2018-10-17 21:41 - 2018-10-17 21:41 - 000749389 _____ C:\Users\Rosko\Downloads\Нов Презентация на Microsoft PowerPoint (1).pptx
      2018-10-17 21:14 - 2018-10-17 21:14 - 000267977 _____ C:\Users\Rosko\Downloads\danuchno_oblagane_vnoski_na_zemedelski_proizvoditeli (3).pdf
      2018-10-17 16:19 - 2018-10-17 16:19 - 000289368 _____ C:\Windows\Minidump\101718-14539-01.dmp
      2018-10-17 15:07 - 2018-10-17 15:07 - 003833305 _____ C:\Users\Rosko\Downloads\dec50_2017_19.03.2018.rar
      2018-10-17 14:45 - 2018-10-17 14:45 - 004074946 _____ C:\Users\Rosko\Downloads\dec50_2016_баркод_с_ръководство_за_потребителя.rar
      2018-10-17 12:55 - 2018-10-17 12:55 - 000648847 _____ C:\Users\Rosko\Downloads\DOM (2).pdf
      2018-10-17 07:52 - 2018-10-17 07:52 - 000012846 _____ C:\Users\Rosko\Downloads\Spravka vazstanovqvane (4).ods
      2018-10-17 07:52 - 2018-10-17 07:52 - 000000165 ____H C:\Users\Rosko\Downloads\~$Spravka vazstanovqvane (4).ods
      2018-10-16 13:59 - 2018-10-16 13:59 - 070935933 _____ C:\Users\Rosko\Downloads\wetransfer-a3a156.zip
      2018-10-16 12:10 - 2018-10-16 12:10 - 001266784 _____ C:\Users\Rosko\Downloads\statement (21).pdf
      2018-10-16 12:09 - 2018-10-16 12:09 - 001105420 _____ C:\Users\Rosko\Downloads\statement (20).pdf
      2018-10-16 10:58 - 2018-10-16 10:58 - 000648847 _____ C:\Users\Rosko\Downloads\DOM (1).pdf
      2018-10-16 08:14 - 2018-10-16 08:14 - 001939889 _____ C:\Users\Rosko\Downloads\95_09.pdf
      2018-10-15 16:01 - 2018-10-15 16:01 - 000749389 _____ C:\Users\Rosko\Downloads\Нов Презентация на Microsoft PowerPoint.pptx
      2018-10-15 15:57 - 2018-10-15 15:57 - 000102327 _____ C:\Users\Rosko\Downloads\П-03001718127835-177-001_archive.zip
      2018-10-15 13:54 - 2018-10-15 13:54 - 000648847 _____ C:\Users\Rosko\Downloads\Ползване на данъчни облекчения и наличие на задължения.pdf
      2018-10-15 13:47 - 2018-10-15 13:47 - 000648847 _____ C:\Users\Rosko\Downloads\DOM.pdf
      2018-10-12 13:49 - 2018-10-12 13:49 - 000009969 _____ C:\Users\Rosko\Downloads\РОСТИСЛАВ НЕДКОВ БОРИСОВ_2019_ЮПЕР.ZIP
      2018-10-12 13:49 - 2018-10-12 13:49 - 000001382 _____ C:\Users\Rosko\Downloads\НЕДКО БОРИСОВ КОЛЕВ_2019_ЮПЕР.ZIP
      2018-10-12 13:48 - 2018-10-12 13:48 - 000001499 _____ C:\Users\Rosko\Downloads\НЕДКО БОРИСОВ КОЛЕВ_2019_БОЖУРОВО.ZIP
      2018-10-12 09:23 - 2018-10-12 09:23 - 000075048 _____ C:\Users\Rosko\Downloads\Crystal Reports - sp_invoice_text_only_2007_5_l.rpt (1).pdf
      2018-10-10 12:50 - 2018-10-10 12:50 - 004808921 _____ C:\Users\Rosko\Downloads\П-03001718168660-004-001_archive.zip
      2018-10-06 15:09 - 2018-10-06 15:09 - 000611358 _____ C:\Users\Rosko\Downloads\379984975.pdf
      2018-10-04 13:28 - 2018-10-04 13:28 - 000156030 _____ C:\Users\Rosko\Downloads\П-03001718168660-040-001_archive.zip
      2018-10-01 18:27 - 2018-10-01 18:27 - 000143428 _____ C:\Users\Rosko\Downloads\Информационна брошура за бъдещите майки.pdf
      ==================== One Month Modified files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-10-28 14:23 - 2009-07-14 06:45 - 000016624 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2018-10-28 14:23 - 2009-07-14 06:45 - 000016624 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2018-10-28 14:19 - 2009-07-14 05:20 - 000000000 ____D C:\PerfLogs
      2018-10-28 14:11 - 2017-08-24 12:56 - 000000000 ____D C:\Users\Rosko\AppData\Roaming\CalendarTool
      2018-10-28 12:42 - 2009-07-14 07:13 - 000781298 _____ C:\Windows\system32\PerfStringBackup.INI
      2018-10-28 12:42 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
      2018-10-28 12:36 - 2017-06-10 14:47 - 000000000 __SHD C:\Users\Rosko\IntelGraphicsProfiles
      2018-10-28 12:36 - 2015-04-23 13:38 - 000000000 ____D C:\Program Files (x86)\TeamViewer
      2018-10-28 12:35 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2018-10-28 11:44 - 2016-08-08 17:51 - 000000000 ___HD C:\Program Files (x86)\m3yE3E0
      2018-10-28 10:43 - 2015-04-23 12:58 - 000000000 ____D C:\Users\Rosko\AppData\Local\Microsoft Help
      2018-10-28 10:29 - 2017-01-10 10:04 - 000000000 ____D C:\Users\Rosko\AppData\Local\CrashDumps
      2018-10-27 19:48 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\tracing
      2018-10-24 07:25 - 2015-04-24 13:10 - 000000000 ____D C:\Users\Rosko\AppData\Roaming\Skype
      2018-10-23 08:18 - 2017-02-01 21:07 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
      2018-10-18 09:43 - 2018-07-09 15:03 - 000000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk
      2018-10-18 09:43 - 2016-02-04 18:11 - 000002998 _____ C:\Windows\wininit.ini
      2018-10-17 16:19 - 2015-06-12 12:20 - 000000000 ____D C:\Windows\Minidump
      2018-10-17 16:18 - 2015-06-12 12:20 - 375178840 _____ C:\Windows\MEMORY.DMP
      2018-10-15 10:59 - 2009-07-14 07:08 - 000032534 _____ C:\Windows\Tasks\SCHEDLGU.TXT
      2018-10-09 21:41 - 2018-03-14 11:33 - 000004462 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
      2018-10-09 21:41 - 2017-02-01 18:37 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
      2018-10-09 21:41 - 2017-02-01 18:37 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
      2018-10-09 21:41 - 2017-02-01 18:37 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
      2018-10-09 21:41 - 2017-02-01 18:37 - 000000000 ____D C:\Windows\SysWOW64\Macromed
      2018-10-09 21:41 - 2017-02-01 18:37 - 000000000 ____D C:\Windows\system32\Macromed
      2018-10-04 13:28 - 2015-11-03 22:05 - 000000000 ____D C:\Users\Rosko\AppData\LocalLow\Adobe
      2018-10-01 21:10 - 2015-04-23 13:18 - 000000000 ____D C:\KMPlayer
      2018-10-01 08:27 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
      ==================== Files in the root of some directories =======
      2015-10-10 07:33 - 2015-10-10 07:33 - 000229019 _____ () C:\ProgramData\KTLVGTHRCQSO.dat
      2017-06-08 17:31 - 2017-06-08 17:31 - 000000017 _____ () C:\Users\Rosko\AppData\Local\resmon.resmoncfg
      ==================== Bamital & volsnap ======================
      (There is no automatic fix for files that do not pass verification.)
      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\SysWOW64\wininit.exe => File is digitally signed
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\SysWOW64\explorer.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\SysWOW64\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\SysWOW64\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\SysWOW64\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
      LastRegBack: 2018-10-26 08:40
      ==================== End of FRST.txt ============================
      Addition.txt
    • от Magnolia D
      Здравейте, 
      От два - три дни интернет връзката ми се влоши драматично - почти невъзможно беше да се зареди каквато и да е страница (отнемаше минути, ако въобще успееше да го направи). Анти вирусната показа, че има Троянец(нещо си ) - може би е трябвало да запомня какво точно нещо си, но аз просто натиснах да го изтрие. Повторната проверка показа, че всичко е наред, но не мисля че е точно така. Сега зарежда малко по-бързо, но като цяло е изключително бавно и не мисля, че е от връзката. Предполагам, че се разбира, че знанието за компютрите не е една от най-силните ми страни, но за всеки случай ще го подчертая, за да се опитам да оправдая глупостите , които евентуално съм направила  и елементарния си "компютърен изказ". Относно стъпките за публикуване - нямам диск с операционната система, прикачвам другите два файла. П.С. Предварително благодаря за времето и съдействието!
      Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11.11.2018
      Ran by Grigorovi (administrator) on DIDI (13-11-2018 15:39:12)
      Running from D:\Instal
      Loaded Profiles: Grigorovi (Available Profiles: Grigorovi)
      Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: Български (България)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      (SurfRight B.V.) C:\Program Files\HitmanPro.Alert\hmpalert.exe
      (Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
      (SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
      (SurfRight B.V.) C:\Program Files\HitmanPro.Alert\hmpalert.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
      (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
      (Google Inc.) C:\Program Files\Google\Update\1.3.33.17\GoogleCrashHandler.exe
      (Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      ==================== Registry (Whitelisted) ===========================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM\...\Run: [CL-22-D39888C9-D725-485F-B4A2-1AD9369147B7] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-22-4DEB32A9-F15E-4B9A-A7FB-125105229440\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-22-4DEB32A (the data entry has 44 more characters).
      HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [997920 2011-06-15] (Microsoft Corporation)
      HKU\S-1-5-21-2744073735-3007959217-1321240149-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> 
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
      Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
      Tcpip\..\Interfaces\{3247EA78-9C23-40D4-AF6B-21088034F9BF}: [DhcpNameServer] 192.168.8.1 192.168.8.1
      Tcpip\..\Interfaces\{AE99D80D-ED5E-4FA1-8934-689D4319410D}: [DhcpNameServer] 192.168.8.1 192.168.8.1
      Internet Explorer:
      ==================
      HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
      FireFox:
      ========
      FF DefaultProfile: ixj5pejf.default-1538731853205
      FF ProfilePath: C:\Users\Grigorovi\AppData\Roaming\Mozilla\Firefox\Profiles\ixj5pejf.default-1538731853205 [2018-11-12]
      FF Extension: (Firefox Monitor) - C:\Users\Grigorovi\AppData\Roaming\Mozilla\Firefox\Profiles\ixj5pejf.default-1538731853205\features\{a452a5ff-64b4-44fa-910c-c6debf5ffb1d}\fxmonitor@mozilla.org.xpi [2018-10-05]
      FF Extension: (Telemetry coverage) - C:\Users\Grigorovi\AppData\Roaming\Mozilla\Firefox\Profiles\ixj5pejf.default-1538731853205\features\{a452a5ff-64b4-44fa-910c-c6debf5ffb1d}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-10-05] [Legacy]
      FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_29_0_0_140.dll [2018-04-14] ()
      FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
      FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-29] (Google Inc.)
      FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-29] (Google Inc.)
      FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
      FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
      FF Plugin: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
      FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
      FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
      FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
      FF Plugin HKU\S-1-5-21-2744073735-3007959217-1321240149-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\Grigorovi\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2018-08-10] (Zoom Video Communications, Inc.)
      Chrome: 
      =======
      CHR Profile: C:\Users\Grigorovi\AppData\Local\Google\Chrome\User Data\Default [2018-11-13]
      CHR Extension: (Презентации) - C:\Users\Grigorovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
      CHR Extension: (Документи) - C:\Users\Grigorovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
      CHR Extension: (Google Диск) - C:\Users\Grigorovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
      CHR Extension: (YouTube) - C:\Users\Grigorovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-26]
      CHR Extension: (Adblock Plus) - C:\Users\Grigorovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-10-31]
      CHR Extension: (Adobe Acrobat) - C:\Users\Grigorovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-04]
      CHR Extension: (Facebook Pixel Helper) - C:\Users\Grigorovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdgfkebogiimcoedlicjlajpkdmockpc [2018-10-23]
      CHR Extension: (Таблици) - C:\Users\Grigorovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
      CHR Extension: (Google Документи офлайн) - C:\Users\Grigorovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-22]
      CHR Extension: (Pinterest Save Button) - C:\Users\Grigorovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2018-10-19]
      CHR Extension: (Grammar.com) - C:\Users\Grigorovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hamhaljjdpcgkelbadepgmnocknejief [2018-10-02]
      CHR Extension: (Keywords Everywhere - Keyword Tool) - C:\Users\Grigorovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbapdpeemoojbophdfndmlgdhppljgmp [2018-09-19]
      CHR Extension: (Reasy) - C:\Users\Grigorovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhfiiflbfkgfmeinikcgikgiijegkhgf [2017-12-09]
      CHR Extension: (Grammar and Spelling checker by Ginger) - C:\Users\Grigorovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdfieneakcjfaiglcfcgkidlkmlijjnh [2018-11-07]
      CHR Extension: (Tag Assistant (by Google)) - C:\Users\Grigorovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2018-09-27]
      CHR Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\Grigorovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2018-10-09]
      CHR Extension: (Awesome Screenshot: Screen Video Recorder) - C:\Users\Grigorovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlipoenfbbikpbjkfpfillcgkoblgpmj [2018-07-23]
      CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\Grigorovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
      CHR Extension: (Gmail) - C:\Users\Grigorovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-26]
      CHR Extension: (Chrome Media Router) - C:\Users\Grigorovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-19]
      CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
      ==================== Services (Whitelisted) ====================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      S4 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [26112 2009-12-03] (LSI Corporation)
      R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [114648 2018-11-12] (SurfRight B.V.)
      R2 hmpalertsvc; C:\Program Files\HitmanPro.Alert\hmpalert.exe [4406408 2018-11-12] (SurfRight B.V.)
      R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5073376 2018-09-19] (Malwarebytes)
      R2 MsMpSvc; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736 2011-04-27] (Microsoft Corporation)
      R3 NisSrv; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [208944 2011-04-27] (Microsoft Corporation)
      S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
      ===================== Drivers (Whitelisted) ======================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [109456 2017-05-18] (Samsung Electronics Co., Ltd.)
      R1 hmpalert; C:\Windows\system32\drivers\hmpalert.sys [263288 2018-11-12] (SurfRight B.V.)
      R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [229568 2018-11-13] (Malwarebytes)
      R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [165648 2011-04-18] (Microsoft Corporation)
      R1 MpKsl5e3716e3; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4EE32FF0-58AB-4EF4-90BC-B7873B344D95}\MpKsl5e3716e3.sys [49504 2018-11-13] (Microsoft Corporation)
      R3 MpNWMon; C:\Windows\System32\DRIVERS\MpNWMon.sys [43392 2011-04-18] (Microsoft Corporation)
      S3 VGPU; System32\drivers\rdvgkmd.sys [X]
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One Month Created files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2099-10-22 18:57 - 30826-10-22 18:57 - 000186368 ____N (Microsoft Corporation) C:\Windows\foJiYOYp.exe
      2099-10-22 18:57 - 30826-10-22 18:57 - 000073216 ____N (Microsoft Corporation) C:\Windows\system32\rNZYYO.exe
      2099-10-22 18:57 - 30826-10-22 18:57 - 000073216 ____N (Microsoft Corporation) C:\Windows\system32\OmATowuMEtOu.exe
      2018-11-13 10:08 - 2018-11-13 10:08 - 000229568 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
      2018-11-12 18:25 - 2018-11-13 15:38 - 000000000 ____D C:\Windows\CryptoGuard
      2018-11-12 18:25 - 2018-11-13 10:06 - 000000000 ___DC C:\ProgramData\HitmanPro.Alert
      2018-11-12 18:25 - 2018-11-12 18:25 - 000875656 _____ (SurfRight B.V.) C:\Windows\system32\hmpalert.dll
      2018-11-12 18:25 - 2018-11-12 18:25 - 000263288 _____ (SurfRight B.V.) C:\Windows\system32\Drivers\hmpalert.sys
      2018-11-12 18:25 - 2018-11-12 18:25 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro.Alert
      2018-11-12 18:25 - 2018-11-12 18:25 - 000000000 ___DC C:\Program Files\HitmanPro.Alert
      2018-11-12 18:14 - 2018-11-12 18:14 - 000001847 _____ C:\Users\Public\Desktop\HitmanPro.lnk
      2018-11-12 18:14 - 2018-11-12 18:14 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
      2018-11-12 18:13 - 2018-11-12 18:14 - 000000000 ___DC C:\Program Files\HitmanPro
      2018-11-07 09:29 - 2018-11-07 09:29 - 001292716 _____ C:\Users\Grigorovi\Desktop\ros.zip
      2018-11-07 02:23 - 2018-11-05 16:55 - 009162423 _____ C:\Users\Grigorovi\Desktop\139_da_badesh_bog2.zip
      2018-11-07 02:14 - 2018-11-07 02:14 - 001062670 _____ C:\Users\Grigorovi\Desktop\Ерик Бърн -Психология на човешките взаимоотношения.pdf
      2018-11-07 02:13 - 2018-11-07 02:13 - 000798148 _____ C:\Users\Grigorovi\Desktop\Игрите, които хората играят.pdf
      2018-11-01 17:09 - 2018-11-04 22:36 - 000000000 ____D C:\Users\Grigorovi\Desktop\WP-UnEducatedMermad
      2018-10-29 18:44 - 2018-10-29 18:44 - 001092248 _____ C:\Users\Grigorovi\Desktop\Quick-Start-Affiliate-Marketing-Report.pdf
      2018-10-26 22:52 - 2018-10-26 22:52 - 002583150 _____ C:\Users\Grigorovi\Desktop\lipton_spontanna.zip
      2018-10-26 22:51 - 2018-10-26 22:51 - 001290479 _____ C:\Users\Grigorovi\Desktop\24_lipton_honemoon.zip
      2018-10-20 16:07 - 2018-10-20 16:07 - 002677746 _____ C:\Users\Grigorovi\Desktop\unblock_your_abundance_by_christiemarie_sheldon_workbook_nsp2.pdf
      2018-10-17 01:23 - 2018-10-17 01:24 - 000507221 _____ C:\Users\Grigorovi\Desktop\shum_v_ushite.zip
      2018-10-16 18:55 - 2018-10-16 18:55 - 006273583 _____ C:\Users\Grigorovi\Desktop\Шакти Гуаейн-Пътят към истинското блоагоденствие.rar
      ==================== One Month Modified files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-11-13 15:39 - 2018-04-07 19:16 - 000000000 ___DC C:\FRST
      2018-11-13 10:15 - 2009-07-14 06:34 - 000026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2018-11-13 10:15 - 2009-07-14 06:34 - 000026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2018-11-13 10:10 - 2018-04-10 19:56 - 000000386 _____ C:\Windows\Tasks\FreeFileViewerUpdateChecker.job
      2018-11-13 10:06 - 2018-04-07 21:35 - 000065536 _____ C:\Windows\system32\Ikeext.etl
      2018-11-13 10:06 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2018-11-13 05:49 - 2017-04-26 17:00 - 000000000 ___DC C:\ProgramData\HitmanPro
      2018-11-12 19:59 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
      2018-11-12 18:48 - 2014-10-15 19:19 - 000000000 ____D C:\Windows\Minidump
      2018-11-12 18:34 - 2016-12-02 16:12 - 000000702 _____ C:\Users\Public\Desktop\System Ninja.lnk
      2018-11-12 18:34 - 2016-12-02 16:12 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Ninja
      2018-11-09 18:05 - 2018-07-24 14:22 - 000000000 ___DC C:\Users\Grigorovi\AppData\Local\gtk-2.0
      2018-10-30 09:45 - 2016-10-28 18:07 - 000660594 _____ C:\Windows\system32\perfh01D.dat
      2018-10-30 09:45 - 2016-10-28 18:07 - 000144252 _____ C:\Windows\system32\perfc01D.dat
      2018-10-30 09:45 - 2016-10-28 17:31 - 000425298 _____ C:\Windows\system32\perfh012.dat
      2018-10-30 09:45 - 2016-10-28 17:31 - 000122162 _____ C:\Windows\system32\perfc012.dat
      2018-10-30 09:45 - 2016-10-28 16:02 - 000378044 _____ C:\Windows\system32\prfh0804.dat
      2018-10-30 09:45 - 2016-10-28 16:02 - 000121370 _____ C:\Windows\system32\prfc0804.dat
      2018-10-30 09:45 - 2016-10-28 15:29 - 000413652 _____ C:\Windows\system32\perfh011.dat
      2018-10-30 09:45 - 2016-10-28 15:29 - 000123878 _____ C:\Windows\system32\perfc011.dat
      2018-10-30 09:45 - 2016-10-28 15:09 - 000680628 _____ C:\Windows\system32\perfh00E.dat
      2018-10-30 09:45 - 2016-10-28 15:09 - 000173052 _____ C:\Windows\system32\perfc00E.dat
      2018-10-30 09:45 - 2016-10-28 14:49 - 000478376 _____ C:\Windows\system32\perfh00B.dat
      2018-10-30 09:45 - 2016-10-28 14:49 - 000103298 _____ C:\Windows\system32\perfc00B.dat
      2018-10-30 09:45 - 2016-10-28 14:25 - 000389218 _____ C:\Windows\system32\perfh00D.dat
      2018-10-30 09:45 - 2016-10-28 14:25 - 000086536 _____ C:\Windows\system32\perfc00D.dat
      2018-10-30 09:45 - 2016-10-28 13:57 - 000740372 _____ C:\Windows\system32\perfh013.dat
      2018-10-30 09:45 - 2016-10-28 13:57 - 000154880 _____ C:\Windows\system32\perfc013.dat
      2018-10-30 09:45 - 2016-10-28 13:42 - 000491388 _____ C:\Windows\system32\perfh014.dat
      2018-10-30 09:45 - 2016-10-28 13:42 - 000097182 _____ C:\Windows\system32\perfc014.dat
      2018-10-30 09:45 - 2016-10-28 13:17 - 000603862 _____ C:\Windows\system32\perfh008.dat
      2018-10-30 09:45 - 2016-10-28 13:17 - 000112906 _____ C:\Windows\system32\perfc008.dat
      2018-10-30 09:45 - 2016-10-28 12:51 - 000736920 _____ C:\Windows\system32\perfh010.dat
      2018-10-30 09:45 - 2016-10-28 12:51 - 000148624 _____ C:\Windows\system32\perfc010.dat
      2018-10-30 09:45 - 2016-10-28 12:37 - 000665714 _____ C:\Windows\system32\perfh005.dat
      2018-10-30 09:45 - 2016-10-28 12:37 - 000143204 _____ C:\Windows\system32\perfc005.dat
      2018-10-30 09:45 - 2016-10-28 12:18 - 000475888 _____ C:\Windows\system32\perfh001.dat
      2018-10-30 09:45 - 2016-10-28 12:18 - 000096550 _____ C:\Windows\system32\perfc001.dat
      2018-10-30 09:45 - 2016-10-28 12:05 - 000742590 _____ C:\Windows\system32\perfh00C.dat
      2018-10-30 09:45 - 2016-10-28 12:05 - 000151358 _____ C:\Windows\system32\perfc00C.dat
      2018-10-30 09:45 - 2016-10-28 11:52 - 000725892 _____ C:\Windows\system32\prfh0816.dat
      2018-10-30 09:45 - 2016-10-28 11:52 - 000154684 _____ C:\Windows\system32\prfc0816.dat
      2018-10-30 09:45 - 2016-10-28 11:36 - 000506288 _____ C:\Windows\system32\perfh006.dat
      2018-10-30 09:45 - 2016-10-28 11:36 - 000100436 _____ C:\Windows\system32\perfc006.dat
      2018-10-30 09:45 - 2016-10-28 11:24 - 000742330 _____ C:\Windows\system32\perfh00A.dat
      2018-10-30 09:45 - 2016-10-28 11:24 - 000160252 _____ C:\Windows\system32\perfc00A.dat
      2018-10-30 09:45 - 2016-10-28 11:11 - 000395216 _____ C:\Windows\system32\prfh0404.dat
      2018-10-30 09:45 - 2016-10-28 11:11 - 000116868 _____ C:\Windows\system32\prfc0404.dat
      2018-10-30 09:45 - 2016-10-28 10:59 - 000737232 _____ C:\Windows\system32\perfh015.dat
      2018-10-30 09:45 - 2016-10-28 10:59 - 000157650 _____ C:\Windows\system32\perfc015.dat
      2018-10-30 09:45 - 2016-10-28 10:44 - 000721474 _____ C:\Windows\system32\perfh019.dat
      2018-10-30 09:45 - 2016-10-28 10:44 - 000152620 _____ C:\Windows\system32\perfc019.dat
      2018-10-30 09:45 - 2016-10-28 10:25 - 000710754 _____ C:\Windows\system32\prfh0416.dat
      2018-10-30 09:45 - 2016-10-28 10:25 - 000149434 _____ C:\Windows\system32\prfc0416.dat
      2018-10-30 09:45 - 2016-10-28 09:57 - 000694082 _____ C:\Windows\system32\perfh007.dat
      2018-10-30 09:45 - 2016-10-28 09:57 - 000150894 _____ C:\Windows\system32\perfc007.dat
      2018-10-30 09:45 - 2016-10-28 09:41 - 000653556 _____ C:\Windows\system32\perfh01F.dat
      2018-10-30 09:45 - 2016-10-28 09:41 - 000141778 _____ C:\Windows\system32\perfc01F.dat
      2018-10-30 09:45 - 2016-10-28 09:41 - 000126256 _____ C:\Windows\system32\perfh002.dat
      2018-10-30 09:45 - 2016-10-28 09:41 - 000028684 _____ C:\Windows\system32\perfc002.dat
      2018-10-30 09:45 - 2010-11-20 23:01 - 017739850 _____ C:\Windows\system32\PerfStringBackup.INI
      2018-10-26 11:12 - 2018-10-05 13:08 - 000129248 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
      2018-10-25 10:37 - 2018-04-10 18:45 - 000002093 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2018-10-25 10:37 - 2016-08-26 11:58 - 000002134 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2018-10-24 12:51 - 2018-04-15 10:33 - 000000000 ___DC C:\Users\Grigorovi\AppData\Local\ElevatedDiagnostics
      2018-10-23 08:50 - 2016-08-24 15:28 - 000002441 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
      2018-10-15 23:48 - 2014-10-15 19:37 - 000479504 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
      ==================== Files in the root of some directories =======
      2017-11-23 15:47 - 2017-11-23 15:47 - 001276776 _____ () C:\Users\Grigorovi\AppData\Roaming\screenshot11Thursday1547301350000.png
      2018-05-17 11:44 - 2018-05-17 11:44 - 001302316 _____ () C:\Users\Grigorovi\AppData\Roaming\screenshot5Thursday1244426890000.png
      2018-05-17 11:44 - 2018-05-17 11:44 - 001299942 _____ () C:\Users\Grigorovi\AppData\Roaming\screenshot5Thursday1244446010000.png
      2016-09-01 09:53 - 2016-09-01 09:53 - 000000000 ____C () C:\Users\Grigorovi\AppData\Local\AtStart.txt
      2016-09-01 09:53 - 2016-09-01 09:53 - 000000000 ____C () C:\Users\Grigorovi\AppData\Local\DSwitch.txt
      2016-09-01 09:53 - 2016-09-01 09:53 - 000000000 ____C () C:\Users\Grigorovi\AppData\Local\QSwitch.txt
      2018-07-31 22:52 - 2018-07-31 22:52 - 000003292 ____C () C:\Users\Grigorovi\AppData\Local\recently-used.xbel
      2017-08-26 20:16 - 2017-08-26 20:16 - 000007597 ____C () C:\Users\Grigorovi\AppData\Local\Resmon.ResmonCfg
      2018-04-07 13:19 - 2018-04-07 13:19 - 000000003 ____C () C:\Users\Grigorovi\AppData\Local\wbem.ini
      ==================== Bamital & volsnap ======================
      (There is no automatic fix for files that do not pass verification.)
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
      LastRegBack: 2018-11-04 00:42
      ==================== End of FRST.txt ============================
       
      Addition.txt
    • от D101149
      Здравейте! Съмнявам се, че система ми е заразена ако може да ми помогнете ще съм ви благодарен (за пореден път)  Първите 3-4 минути изобщо хрома не зарежда страниците..
       
      Addition.txt
      FRST.txt
    • от mordikai
      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28.09.2018
      Ran by Dellssd (administrator) on DELLSSD-PC (29-09-2018 16:54:29)
      Running from C:\Users\Dellssd\Downloads
      Loaded Profiles: Dellssd (Available Profiles: Dellssd)
      Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
      Internet Explorer Version 11 (Default browser: IE)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
      (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
      (Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
      (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
      () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
      (Intel Corporation) C:\Windows\System32\igfxtray.exe
      (Intel Corporation) C:\Windows\System32\hkcmd.exe
      (Intel Corporation) C:\Windows\System32\igfxpers.exe
      (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.805\SSScheduler.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
      (Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
      (AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
      (AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
      (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
      (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Microsoft Corporation) C:\Windows\splwow64.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (BitTorrent Inc.) C:\Users\Dellssd\AppData\Roaming\uTorrent\uTorrent.exe
      (BitTorrent Inc.) C:\Users\Dellssd\AppData\Roaming\uTorrent\updates\3.4.6_42178\utorrentie.exe
      (BitTorrent Inc.) C:\Users\Dellssd\AppData\Roaming\uTorrent\updates\3.4.6_42178\utorrentie.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      ==================== Registry (Whitelisted) ===========================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-08-30] (AVAST Software)
      HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
      HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare)
      HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
      Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      HKU\S-1-5-21-477188782-2465529923-3270759937-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_pepper.exe [1447936 2018-07-13] (Adobe Systems Incorporated)
      HKU\S-1-5-21-477188782-2465529923-3270759937-1000\...\MountPoints2: {6e61377d-2802-11e7-81ae-1c659d02e554} - G:\AutoRun.exe
      HKU\S-1-5-21-477188782-2465529923-3270759937-1000\...\MountPoints2: {76ec0a4f-0d2e-11e6-8287-1c659d02e554} - F:\SETUP.EXE
      HKU\S-1-5-21-477188782-2465529923-3270759937-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
      HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
      Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2018-09-26]
      ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.805\SSScheduler.exe (McAfee, Inc.)
      GroupPolicy: Restriction ? <==== ATTENTION
      GroupPolicy\User: Restriction ? <==== ATTENTION
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      ProxyEnable: [S-1-5-21-477188782-2465529923-3270759937-1000] => Proxy is enabled.
      Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
      Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
      Tcpip\..\Interfaces\{645E12D2-5740-463F-B063-09C024155032}: [DhcpNameServer] 192.168.8.1 192.168.8.1
      Tcpip\..\Interfaces\{B0D854A2-9D35-438A-98DE-EE2EB8CFFC94}: [DhcpNameServer] 192.168.0.1
      Internet Explorer:
      ==================
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
      HKU\S-1-5-21-477188782-2465529923-3270759937-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
      SearchScopes: HKLM-x32 -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
      SearchScopes: HKLM-x32 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
      SearchScopes: HKU\S-1-5-21-477188782-2465529923-3270759937-1000 -> 9845cd48-2779-11e7-bbbc-1c659d02e554 URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
      SearchScopes: HKU\S-1-5-21-477188782-2465529923-3270759937-1000 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://yandex.ru/search/?win=277&clid=2262092-3&text={searchTerms}
      SearchScopes: HKU\S-1-5-21-477188782-2465529923-3270759937-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10041_spdf_opdfs_all_b_doc2pdf_170414__yaie&p={searchTerms}
      BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
      BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2018-03-10] (Google Inc.)
      BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
      BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
      BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2018-03-10] (Google Inc.)
      BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
      Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2018-03-10] (Google Inc.)
      Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2018-03-10] (Google Inc.)
      Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Google\Google Desktop Search\Plugins\gdSkype\skype4com.dll No File
      StartMenuInternet: IEXPLORE.EXE - iexplore.exe
      FireFox:
      ========
      FF DefaultProfile: yk7fki5l.default
      FF ProfilePath: C:\Users\Dellssd\AppData\Roaming\Mozilla\Firefox\Profiles\yk7fki5l.default [2018-09-26]
      FF Homepage: Mozilla\Firefox\Profiles\yk7fki5l.default -> hxxps://search.avast.com/AV772/
      FF NewTab: Mozilla\Firefox\Profiles\yk7fki5l.default -> about:newtab
      FF Extension: (Домашняя страница Mail.Ru) - C:\Users\Dellssd\AppData\Roaming\Mozilla\Firefox\Profiles\yk7fki5l.default\Extensions\homepage@mail.ru.xpi [2018-08-10]
      FF Extension: (Поиск Mail.Ru) - C:\Users\Dellssd\AppData\Roaming\Mozilla\Firefox\Profiles\yk7fki5l.default\Extensions\search@mail.ru.xpi [2018-04-12]
      FF Extension: (Советник Яндекс.Маркета) - C:\Users\Dellssd\AppData\Roaming\Mozilla\Firefox\Profiles\yk7fki5l.default\Extensions\sovetnik@metabar.ru.xpi [2018-09-19]
      FF Extension: (Avast SafePrice) - C:\Users\Dellssd\AppData\Roaming\Mozilla\Firefox\Profiles\yk7fki5l.default\Extensions\sp@avast.com.xpi [2018-08-10]
      FF Extension: (Визуальные закладки) - C:\Users\Dellssd\AppData\Roaming\Mozilla\Firefox\Profiles\yk7fki5l.default\Extensions\vb@yandex.ru.xpi [2018-05-06]
      FF Extension: (Avast Online Security) - C:\Users\Dellssd\AppData\Roaming\Mozilla\Firefox\Profiles\yk7fki5l.default\Extensions\wrc@avast.com.xpi [2018-05-30]
      FF Extension: (Пульт) - C:\Users\Dellssd\AppData\Roaming\Mozilla\Firefox\Profiles\yk7fki5l.default\Extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}.xpi [2017-12-03]
      FF Extension: (Telemetry coverage) - C:\Users\Dellssd\AppData\Roaming\Mozilla\Firefox\Profiles\yk7fki5l.default\features\{02617030-72af-413d-a344-376f30098954}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-09-19] [Legacy]
      FF SearchPlugin: C:\Users\Dellssd\AppData\Roaming\Mozilla\Firefox\Profiles\yk7fki5l.default\searchplugins\avast-search.xml [2017-08-25]
      FF SearchPlugin: C:\Users\Dellssd\AppData\Roaming\Mozilla\Firefox\Profiles\yk7fki5l.default\searchplugins\yahoo-lavasoft.xml [2017-04-14]
      FF SearchPlugin: C:\Users\Dellssd\AppData\Roaming\Mozilla\Firefox\Profiles\yk7fki5l.default\searchplugins\Yahoo®-20173422.xml [2017-04-22]
      FF SearchPlugin: C:\Users\Dellssd\AppData\Roaming\Mozilla\Firefox\Profiles\yk7fki5l.default\searchplugins\yandex.ru-20173422.xml [2017-04-22]
      FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
      FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
      FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
      FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
      FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
      FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
      FF Plugin-x32: Soda PDF Desktop -> C:\Program Files (x86)\Soda PDF Desktop\np-previewer.dll [2017-03-23] (LULU Software)
      FF Plugin HKU\S-1-5-21-477188782-2465529923-3270759937-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\Dellssd\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2017-01-25] (Zoom Video Communications, Inc.)
      Chrome: 
      =======
      CHR HomePage: Default -> yandex.ru
      CHR NewTab: Default ->  Active:"chrome-extension://fehhbdbmfjboomkmkflbaekjkhkklbnh/newtabproduct.html", Active:"chrome-extension://ceopoaldcnmhechacafgagdkklcogkgd/newtabproduct.html", Not-active:"chrome-extension://hcckjhfbahlnihggjcbadkgfjcghcibl/newtab/newtab.html", Not-active:"chrome-extension://mebpengldpmmlnaeehejppajiakgpbek/redirect.html", Not-active:"chrome-extension://mallpejgeafdahhflmliiahjdpgbegpk/stubby.html", Not-active:"chrome-extension://agibagflppafhfonkefpklndlohkclcb/index.html", Not-active:"chrome-extension://ghfmhofojkkfdnlfefhkckbflohgiicn/index.html"
      CHR DefaultSearchURL: Default -> hxxp://musix.searchalgo.com/search/?category=web&s=wmds&q={searchTerms}
      CHR DefaultSearchKeyword: Default -> WowMusix
      CHR DefaultSuggestURL: Default -> hxxp://sug.searchalgo.com/search/index_sg.php?q={searchTerms}
      CHR Profile: C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default [2018-09-29]
      CHR Extension: (Slides) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
      CHR Extension: (Docs) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
      CHR Extension: (Google Drive) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-19]
      CHR Extension: (Skype Calling) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2016-10-25]
      CHR Extension: (YouTube) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-19]
      CHR Extension: (OnlineMapFinder) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceopoaldcnmhechacafgagdkklcogkgd [2018-04-26]
      CHR Extension: (Tampermonkey) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-08-24]
      CHR Extension: (Стартовая — Яндекс) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkekdlkmdpipihonapoleopfekmapadh [2017-06-14]
      CHR Extension: (Adobe Acrobat) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-14]
      CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-09-20]
      CHR Extension: (MyImageConverter) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\fehhbdbmfjboomkmkflbaekjkhkklbnh [2018-08-23]
      CHR Extension: (Sheets) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
      CHR Extension: (Search App - Music) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\flohajbbpjlbphjgeffnhlopdhoonghc [2017-09-13]
      CHR Extension: (Google Docs Offline) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
      CHR Extension: (Avast Online Security) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-09-26]
      CHR Extension: (Яндекс) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkfblcbjfojmgagikhldeppgmgdpjkpl [2017-06-20]
      CHR Extension: (Ask Web Search) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmengapaekgmapkcophhdmppmjinpogo [2018-09-21]
      CHR Extension: (Ask Web Search) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpkmodlfcmmnhhlofndkhdcembjaefbb [2018-09-21]
      CHR Extension: (FromDocToPDF) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk [2018-08-24]
      CHR Extension: (Chrome Web Store Payments) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
      CHR Extension: (Домашняя страница Mail.Ru) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\odijcgafkhpobjlnfdgiacpdenpmbgme [2016-10-19]
      CHR Extension: (Parity to Affinity) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\peagbbjfdfkkfcehfbddelhhppflbgla [2017-03-13]
      CHR Extension: (Mail.Ru) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\phkdcinmmljblpnkohlipaiodlonpinf [2016-10-19]
      CHR Extension: (SearchApp - Entertainment) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\phlbjnedeghkgaeghaiocogfofoicbpg [2018-01-16]
      CHR Extension: (Gmail) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-19]
      CHR Extension: (Chrome Media Router) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-19]
      CHR Extension: (Pulse) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmpoaahleccaibbhfjfimigepmfmmbbk [2018-06-06]
      CHR HKLM-x32\...\Chrome\Extension: [dkekdlkmdpipihonapoleopfekmapadh] - hxxp://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [jkfblcbjfojmgagikhldeppgmgdpjkpl] - hxxp://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [odijcgafkhpobjlnfdgiacpdenpmbgme] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [phkdcinmmljblpnkohlipaiodlonpinf] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [pmpoaahleccaibbhfjfimigepmfmmbbk] - hxxps://clients2.google.com/service/update2/crx
      Opera: 
      =======
      OPR StartupUrls: "hxxps://www.yandex.ru/?win=277&clid=2262091-3"
      ==================== Services (Whitelisted) ====================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc.)
      R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7994520 2018-08-30] (AVAST Software)
      S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-23] (AVAST Software)
      R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-08-30] (AVAST Software)
      S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-23] (AVAST Software)
      S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo Uninstaller 2017\DfSdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]
      S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.805\McCHSvc.exe [405392 2018-09-24] (McAfee, Inc.)
      R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [51112 2017-02-22] (Microsoft)
      S2 Soda PDF Desktop Creator; C:\Program Files\Soda PDF Desktop\creator-ws.exe [755048 2017-03-23] (LULU Software)
      S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
      R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
      R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [25192 2017-04-14] ()
      S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
      S3 wpscloudsvr; C:\Program Files (x86)\Kingsoft\Kingsoft Office\wpscloudsvr.exe [220288 2018-03-28] (Zhuhai Kingsoft Office Software Co.,Ltd)
      ===================== Drivers (Whitelisted) ======================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [199712 2018-08-30] (AVAST Software)
      R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [229384 2018-08-30] (AVAST Software)
      R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201320 2018-08-30] (AVAST Software)
      R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346664 2018-08-30] (AVAST Software)
      R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59568 2018-08-30] (AVAST Software)
      R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [249016 2018-08-30] (AVAST Software)
      S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-08-30] (AVAST Software)
      R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163392 2018-09-12] (AVAST Software)
      R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111864 2018-08-30] (AVAST Software)
      R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87904 2018-08-30] (AVAST Software)
      R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027720 2018-08-30] (AVAST Software)
      R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467320 2018-09-05] (AVAST Software)
      R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215920 2018-09-12] (AVAST Software)
      R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381560 2018-08-30] (AVAST Software)
      R3 ST_Accel; C:\Windows\System32\DRIVERS\ST_Accel.sys [103088 2015-02-26] (STMicroelectronics)
      R2 UI5IFS; C:\Program Files (x86)\Ashampoo\Ashampoo Uninstaller 2017\IFS64.sys [31320 2015-12-07] ()
      S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X]
      S3 btwaudio; system32\drivers\btwaudio.sys [X]
      S3 btwavdt; system32\drivers\btwavdt.sys [X]
      S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
      S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One Month Created files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-09-29 16:54 - 2018-09-29 16:54 - 000026700 _____ C:\Users\Dellssd\Downloads\FRST.txt
      2018-09-29 16:54 - 2018-09-29 16:54 - 000000000 ____D C:\FRST
      2018-09-29 16:53 - 2018-09-29 16:53 - 002414080 _____ (Farbar) C:\Users\Dellssd\Downloads\FRST64.exe
      2018-09-29 16:19 - 2018-09-29 16:19 - 004279416 _____ (ESET) C:\Users\Dellssd\Downloads\eset_internet_security_live_installer.exe
      2018-09-29 15:16 - 2018-09-29 15:16 - 000017773 _____ C:\Users\Dellssd\Downloads\American.Horror.Story.S08E03.720p.WEBRip.x264-TBS.torrent
      2018-09-29 11:31 - 2018-09-29 11:31 - 000001191 _____ C:\Users\Dellssd\AppData\Roaming\uni.txt
      2018-09-29 08:39 - 2018-09-29 08:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
      2018-09-29 08:30 - 2018-09-29 08:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
      2018-09-27 23:29 - 2018-09-27 23:29 - 005193216 _____ ( ) C:\Users\Dellssd\Downloads\wspsetup.exe
      2018-09-26 14:31 - 2018-09-26 14:31 - 000001964 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
      2018-09-26 14:31 - 2018-09-26 14:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
      2018-09-26 14:31 - 2018-09-26 14:31 - 000000000 ____D C:\ProgramData\McAfee Security Scan
      2018-09-25 11:26 - 2018-09-28 11:38 - 000109568 ____H C:\Users\Dellssd\Desktop\~WRL1409.tmp
      2018-09-25 11:26 - 2018-09-27 10:53 - 000094208 ____H C:\Users\Dellssd\Desktop\~WRL1082.tmp
      2018-09-25 11:26 - 2018-09-26 13:19 - 000084480 ____H C:\Users\Dellssd\Desktop\~WRL1831.tmp
      2018-09-24 22:25 - 2018-09-24 22:25 - 000014480 _____ C:\Users\Dellssd\Downloads\Preacher.S03E10.HDTV.x264-KILLERS.mkv (2).torrent
      2018-09-24 09:39 - 2018-09-24 09:39 - 000014480 _____ C:\Users\Dellssd\Downloads\Preacher.S03E10.HDTV.x264-KILLERS.mkv (1).torrent
      2018-09-23 22:48 - 2018-09-23 22:48 - 000014480 _____ C:\Users\Dellssd\Downloads\Preacher.S03E10.HDTV.x264-KILLERS.mkv.torrent
      2018-09-23 22:46 - 2018-09-23 22:46 - 000011432 _____ C:\Users\Dellssd\Downloads\Preacher.S03E09.HDTV.x264-SVA (2).torrent
      2018-09-23 08:18 - 2018-09-23 08:18 - 000011432 _____ C:\Users\Dellssd\Downloads\Preacher.S03E09.HDTV.x264-SVA (1).torrent
      2018-09-22 20:53 - 2018-09-22 20:53 - 000011432 _____ C:\Users\Dellssd\Downloads\Preacher.S03E09.HDTV.x264-SVA.torrent
      2018-09-22 19:56 - 2018-09-22 19:56 - 000018281 _____ C:\Users\Dellssd\Downloads\Preacher.S03E08.720p.HEVC.x265-MeGusta.torrent
      2018-09-22 19:03 - 2018-09-22 19:03 - 000017384 _____ C:\Users\Dellssd\Downloads\Preacher.S03E07.720p.HEVC.x265-MeGusta.torrent
      2018-09-22 10:02 - 2018-09-22 10:02 - 000010528 _____ C:\Users\Dellssd\Downloads\American.Horror.Story.S08E01.HDTV.x264-SVA (1).torrent
      2018-09-21 18:54 - 2018-09-21 18:54 - 000010528 _____ C:\Users\Dellssd\Downloads\American.Horror.Story.S08E01.HDTV.x264-SVA.torrent
      2018-09-21 18:52 - 2018-09-21 18:52 - 000017830 _____ C:\Users\Dellssd\Downloads\American.Horror.Story.S08E02.WEBRip.x264-TBS.torrent
      2018-09-19 10:10 - 2018-09-19 10:10 - 000262144 _____ C:\Windows\Minidump\091918-9126-01.dmp
      2018-09-16 10:43 - 2018-09-16 10:43 - 000218836 _____ C:\Users\Dellssd\Desktop\a.psd
      2018-09-16 10:20 - 2018-09-16 10:21 - 000024235 _____ C:\Users\Dellssd\Desktop\a.jpf
      2018-09-08 16:34 - 2018-09-08 16:34 - 000152887 _____ C:\Users\Dellssd\Desktop\5.jpeg
      2018-09-06 20:51 - 2018-09-06 20:51 - 000015001 _____ C:\Users\Dellssd\Downloads\[kinozal.tv]id1604058.torrent
      2018-08-30 23:30 - 2018-08-30 23:29 - 000379608 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
      ==================== One Month Modified files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-09-29 16:53 - 2016-04-28 15:06 - 000000000 ____D C:\Users\Dellssd\AppData\Roaming\uTorrent
      2018-09-29 16:43 - 2017-05-15 14:15 - 000000378 _____ C:\Windows\Tasks\WpsNotifyTask_Dellssd.job
      2018-09-29 16:39 - 2018-02-11 22:39 - 000000994 _____ C:\Windows\Tasks\Chromium nefil.job
      2018-09-29 16:12 - 2016-10-21 06:34 - 000000000 ____D C:\Users\Dellssd\AppData\Roaming\vlc
      2018-09-29 15:16 - 2017-09-30 23:37 - 000000000 ____D C:\Users\Dellssd\AppData\LocalLow\uTorrent
      2018-09-29 13:22 - 2016-04-28 19:38 - 000000392 _____ C:\Windows\Tasks\update-sys.job
      2018-09-29 12:57 - 2016-04-28 19:38 - 000000392 _____ C:\Windows\Tasks\update-S-1-5-21-477188782-2465529923-3270759937-1000.job
      2018-09-29 08:39 - 2016-04-28 19:38 - 000003270 _____ C:\Windows\System32\Tasks\update-S-1-5-21-477188782-2465529923-3270759937-1000
      2018-09-29 08:38 - 2009-07-14 07:45 - 000014448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2018-09-29 08:38 - 2009-07-14 07:45 - 000014448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2018-09-29 08:30 - 2017-08-13 12:16 - 000001066 _____ C:\Users\Public\Desktop\VLC media player.lnk
      2018-09-29 08:30 - 2017-03-11 18:15 - 000001306 _____ C:\Users\Public\Desktop\Skype.lnk
      2018-09-29 08:30 - 2017-03-11 18:15 - 000000000 ___RD C:\Program Files (x86)\Skype
      2018-09-29 08:30 - 2016-04-28 15:22 - 000000000 ____D C:\ProgramData\Skype
      2018-09-29 08:28 - 2009-07-14 08:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
      2018-09-29 08:28 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\inf
      2018-09-29 08:21 - 2016-04-28 15:19 - 000000204 _____ C:\Windows\Tasks\AutoKMS.job
      2018-09-29 08:21 - 2009-07-14 08:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2018-09-27 23:33 - 2018-03-23 00:37 - 000000000 ____D C:\Users\Dellssd\AppData\Local\AVAST Software
      2018-09-27 10:13 - 2016-12-02 22:36 - 000000000 ____D C:\Users\Dellssd\Desktop\преводи
      2018-09-26 14:31 - 2018-07-13 15:01 - 000000000 ____D C:\Program Files\McAfee Security Scan
      2018-09-24 09:29 - 2017-04-13 09:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
      2018-09-24 09:29 - 2016-08-18 13:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
      2018-09-23 23:46 - 2016-12-01 16:09 - 000000000 ____D C:\Users\Dellssd\AppData\LocalLow\Mozilla
      2018-09-23 08:33 - 2017-07-27 09:56 - 000003180 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-477188782-2465529923-3270759937-1000
      2018-09-23 08:33 - 2017-05-14 12:21 - 000002164 _____ C:\Users\Dellssd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
      2018-09-23 08:33 - 2017-05-14 12:21 - 000000000 ___RD C:\Users\Dellssd\OneDrive
      2018-09-22 17:35 - 2018-08-29 08:46 - 000501760 ____H C:\Users\Dellssd\Desktop\~WRL1243.tmp
      2018-09-21 18:56 - 2016-10-30 19:56 - 000000000 ____D C:\Users\Dellssd\Desktop\subtitri
      2018-09-21 14:57 - 2018-08-29 08:46 - 000493568 ____H C:\Users\Dellssd\Desktop\~WRL3209.tmp
      2018-09-20 12:11 - 2016-09-26 11:57 - 000119544 _____ C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
      2018-09-20 10:36 - 2017-04-14 13:23 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
      2018-09-20 10:36 - 2017-04-14 13:23 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
      2018-09-19 23:21 - 2018-03-23 00:38 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
      2018-09-19 10:10 - 2017-01-14 08:33 - 000000000 ____D C:\Windows\Minidump
      2018-09-18 23:46 - 2016-09-19 00:17 - 000002430 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2018-09-18 23:46 - 2016-09-19 00:17 - 000002389 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2018-09-18 12:47 - 2018-08-29 08:46 - 000419328 ____H C:\Users\Dellssd\Desktop\~WRL1414.tmp
      2018-09-17 12:36 - 2018-08-29 08:46 - 000396288 ____H C:\Users\Dellssd\Desktop\~WRL2232.tmp
      2018-09-17 09:55 - 2016-04-28 15:19 - 000000202 _____ C:\Windows\Tasks\AutoKMSDaily.job
      2018-09-16 22:22 - 2018-07-13 14:31 - 000004482 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
      2018-09-16 22:22 - 2018-06-17 11:13 - 000003138 _____ C:\Windows\System32\Tasks\{810AB3C2-34D4-499B-B4BB-9D38D546FA12}
      2018-09-16 22:22 - 2018-05-05 14:25 - 000003944 _____ C:\Windows\System32\Tasks\WpsUpdateTask_Dellssd
      2018-09-16 22:22 - 2017-08-07 09:24 - 000004192 _____ C:\Windows\System32\Tasks\WpsExternal_Dellssd_20170807092444
      2018-09-16 22:22 - 2017-05-15 14:15 - 000004196 _____ C:\Windows\System32\Tasks\WpsKtpcntrQingTask_Dellssd
      2018-09-16 22:22 - 2017-05-15 14:15 - 000003362 _____ C:\Windows\System32\Tasks\WpsNotifyTask_Dellssd
      2018-09-16 22:22 - 2017-04-16 19:21 - 000004308 _____ C:\Windows\System32\Tasks\Opera scheduled suite Autoupdate 1492359678
      2018-09-16 22:22 - 2017-04-16 19:21 - 000004086 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1492359677
      2018-09-16 22:22 - 2017-04-14 13:19 - 000003572 _____ C:\Windows\System32\Tasks\doPDF Update
      2018-09-16 22:22 - 2017-03-11 18:01 - 000003154 _____ C:\Windows\System32\Tasks\{F75FB1AB-3FC6-4CCB-8E59-EFFFE1750F20}
      2018-09-16 22:22 - 2017-03-11 17:59 - 000003154 _____ C:\Windows\System32\Tasks\{CEDD031E-67BD-4005-BC8D-F936A030F0BA}
      2018-09-16 22:22 - 2017-03-10 11:47 - 000003154 _____ C:\Windows\System32\Tasks\{54495718-5171-4E02-8AE9-0C0BA73E7D7F}
      2018-09-16 22:22 - 2017-03-10 11:46 - 000003154 _____ C:\Windows\System32\Tasks\{E1C2E6E7-851E-4C71-BE27-06A41080DD86}
      2018-09-16 22:22 - 2017-03-08 15:35 - 000003154 _____ C:\Windows\System32\Tasks\{380FC156-4700-48BE-8B5A-FBA1286DCE61}
      2018-09-16 22:22 - 2017-03-07 19:54 - 000003154 _____ C:\Windows\System32\Tasks\{B59123EA-C895-4329-A7B1-CB325A18760F}
      2018-09-16 22:22 - 2017-03-07 19:53 - 000003154 _____ C:\Windows\System32\Tasks\{1B3678E0-0EBD-4B19-8557-0E961136459F}
      2018-09-16 22:22 - 2017-03-07 19:23 - 000003152 _____ C:\Windows\System32\Tasks\{C3112054-5422-446C-8C6A-CBF71C0F1362}
      2018-09-16 22:22 - 2017-03-07 19:18 - 000003154 _____ C:\Windows\System32\Tasks\{2A7E9ED5-EA5D-44CE-A690-23D3D3057CA2}
      2018-09-16 22:22 - 2017-03-07 19:14 - 000003154 _____ C:\Windows\System32\Tasks\{E3C65BC8-A75A-427C-B27F-42C9BBE41C62}
      2018-09-16 22:22 - 2016-10-20 13:50 - 000003112 _____ C:\Windows\System32\Tasks\{35511907-B4BB-42B6-B5D5-1DEA4D518FE5}
      2018-09-16 22:22 - 2016-10-20 13:36 - 000003164 _____ C:\Windows\System32\Tasks\{CF456C35-60A1-4F96-848F-0062539D31D4}
      2018-09-16 22:22 - 2016-10-20 13:08 - 000003164 _____ C:\Windows\System32\Tasks\{286D155D-B077-4884-A3BD-71EBE307BEF5}
      2018-09-16 22:22 - 2016-10-20 13:07 - 000003164 _____ C:\Windows\System32\Tasks\{295B979B-F0EA-40DA-9832-C45D45FC859B}
      2018-09-16 22:22 - 2016-10-19 13:20 - 000003164 _____ C:\Windows\System32\Tasks\{B72E12E4-120A-46A7-B0FC-AED00851297F}
      2018-09-16 22:22 - 2016-10-19 12:55 - 000003164 _____ C:\Windows\System32\Tasks\{A7EABB03-E8E6-444E-9C70-01DEA803DBEC}
      2018-09-16 22:22 - 2016-10-19 12:53 - 000003164 _____ C:\Windows\System32\Tasks\{D6E5F4DF-91E3-4ECA-B09F-9DCF123E1030}
      2018-09-16 22:22 - 2016-09-19 00:16 - 000003432 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
      2018-09-16 22:22 - 2016-09-19 00:16 - 000003304 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
      2018-09-16 22:22 - 2016-04-28 19:38 - 000003400 _____ C:\Windows\System32\Tasks\update-sys
      2018-09-16 22:22 - 2016-04-28 15:19 - 000002740 _____ C:\Windows\System32\Tasks\AutoKMSDaily
      2018-09-16 22:22 - 2016-04-28 15:19 - 000002436 _____ C:\Windows\System32\Tasks\AutoKMS
      2018-09-16 22:22 - 2016-04-28 15:14 - 000003148 _____ C:\Windows\System32\Tasks\{5A5A1497-EAC4-4683-9946-09144759EE3B}
      2018-09-16 22:22 - 2016-04-28 13:36 - 000003254 _____ C:\Windows\System32\Tasks\{CD225CD4-3990-439E-8F36-78EB3BDEE4E1}
      2018-09-16 20:22 - 2018-08-29 08:46 - 000370688 ____H C:\Users\Dellssd\Desktop\~WRL3793.tmp
      2018-09-15 19:37 - 2018-08-29 08:46 - 000344576 ____H C:\Users\Dellssd\Desktop\~WRL1766.tmp
      2018-09-14 18:54 - 2018-08-29 08:46 - 000297984 ____H C:\Users\Dellssd\Desktop\~WRL2266.tmp
      2018-09-13 15:27 - 2018-08-29 08:46 - 000268288 ____H C:\Users\Dellssd\Desktop\~WRL2379.tmp
      2018-09-12 23:30 - 2016-04-28 15:24 - 000215920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
      2018-09-12 12:59 - 2018-08-29 08:46 - 000251904 ____H C:\Users\Dellssd\Desktop\~WRL1812.tmp
      2018-09-12 12:19 - 2016-04-28 15:24 - 000163392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
      2018-09-09 09:00 - 2018-08-29 08:46 - 000212992 ____H C:\Users\Dellssd\Desktop\~WRL1160.tmp
      2018-09-08 11:36 - 2018-08-29 08:46 - 000209920 ____H C:\Users\Dellssd\Desktop\~WRL3129.tmp
      2018-09-07 13:25 - 2018-08-29 08:46 - 000199168 ____H C:\Users\Dellssd\Desktop\~WRL0459.tmp
      2018-09-05 11:53 - 2016-04-28 15:24 - 000467320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
      2018-09-04 13:41 - 2018-08-29 08:46 - 000154624 ____H C:\Users\Dellssd\Desktop\~WRL0358.tmp
      2018-09-03 23:58 - 2017-03-11 17:50 - 000000000 _____ C:\Windows\SysWOW64\last.dump
      2018-09-03 10:30 - 2018-08-29 08:46 - 000122368 ____H C:\Users\Dellssd\Desktop\~WRL1632.tmp
      2018-09-01 12:16 - 2018-08-29 08:46 - 000114688 ____H C:\Users\Dellssd\Desktop\~WRL0845.tmp
      2018-08-31 12:46 - 2018-08-29 08:46 - 000098304 ____H C:\Users\Dellssd\Desktop\~WRL3568.tmp
      2018-08-30 23:30 - 2017-04-04 12:54 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
      2018-08-30 23:30 - 2016-04-28 15:24 - 000087904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
      2018-08-30 23:29 - 2017-12-23 19:29 - 000249016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
      2018-08-30 23:29 - 2017-11-13 11:28 - 000199712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
      2018-08-30 23:29 - 2017-04-04 12:54 - 000346664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
      2018-08-30 23:29 - 2017-04-04 12:54 - 000229384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
      2018-08-30 23:29 - 2017-04-04 12:54 - 000201320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
      2018-08-30 23:29 - 2017-04-04 12:54 - 000059568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
      2018-08-30 23:29 - 2016-04-28 15:24 - 001027720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
      2018-08-30 23:29 - 2016-04-28 15:24 - 000381560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
      2018-08-30 23:29 - 2016-04-28 15:24 - 000111864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
      2018-08-30 23:29 - 2016-04-28 15:24 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
      2018-08-30 13:39 - 2018-08-29 08:46 - 000077824 ____H C:\Users\Dellssd\Desktop\~WRL3210.tmp
      ==================== Files in the root of some directories =======
      2015-10-21 18:11 - 2015-10-21 18:11 - 130502551 _____ () C:\Program Files\openoffice1.cab
      2015-10-21 18:10 - 2015-10-21 18:10 - 002310144 _____ () C:\Program Files\openoffice412.msi
      2015-10-21 18:10 - 2015-10-21 18:10 - 000478720 _____ () C:\Program Files\setup.exe
      2015-10-21 18:10 - 2015-10-21 18:10 - 000000279 _____ () C:\Program Files\setup.ini
      2016-12-08 14:00 - 2017-03-04 10:53 - 000000132 _____ () C:\Users\Dellssd\AppData\Roaming\Adobe AIFF Format CS6 Prefs
      2016-12-07 08:29 - 2016-12-07 08:29 - 000000146 _____ () C:\Users\Dellssd\AppData\Roaming\gamma_ramp.reg
      2018-09-29 11:31 - 2018-09-29 11:31 - 000001191 _____ () C:\Users\Dellssd\AppData\Roaming\uni.txt
      2017-04-08 21:19 - 2016-03-31 21:40 - 000145792 _____ () C:\Users\Dellssd\AppData\Local\downloader.exe
      2016-04-28 19:38 - 2016-04-28 19:38 - 000000003 ____H () C:\Users\Dellssd\AppData\Local\updater.log
      2016-04-28 19:38 - 2016-04-28 19:38 - 000000424 ____H () C:\Users\Dellssd\AppData\Local\UserProducts.xml
      2016-10-29 12:23 - 2016-10-29 12:23 - 000017408 _____ () C:\Users\Dellssd\AppData\Local\WebpageIcons.db
      2017-02-10 09:00 - 2017-02-10 09:00 - 000000000 _____ () C:\Users\Dellssd\AppData\Local\{DC54C818-2F39-4DF4-A54B-09F3D3BE3CC3}
      Some files in TEMP:
      ====================
      2018-04-09 11:51 - 2018-08-20 12:55 - 062983128 _____ (Softland) C:\Users\Dellssd\AppData\Local\Temp\dopdf-full.exe
      2017-05-15 14:12 - 2017-05-15 14:12 - 003463288 _____ (Gadomotus                                                   ) C:\Users\Dellssd\AppData\Local\Temp\ICReinstall_microsoft_office (1).exe
      2016-10-29 19:52 - 2016-10-30 14:18 - 037642072 _____ (PandoraTV) C:\Users\Dellssd\AppData\Local\Temp\KMP_4.1.3.3.exe
      2017-12-16 10:25 - 2017-12-16 10:25 - 039544976 _____ (PandoraTV) C:\Users\Dellssd\AppData\Local\Temp\KMP_4.2.2.5.exe
      2016-12-06 13:30 - 2016-12-07 08:28 - 048947193 _____ () C:\Users\Dellssd\AppData\Local\Temp\new_version.exe
      2017-10-10 23:42 - 2017-10-10 23:42 - 002163712 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201710104236545.dll
      2017-10-12 10:00 - 2017-10-12 10:00 - 002163712 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017101208259.dll
      2017-10-13 10:42 - 2017-10-13 10:42 - 002163712 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201710134229437.dll
      2017-10-13 10:47 - 2017-10-13 10:47 - 002163712 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171013479979.dll
      2017-10-16 10:13 - 2017-10-16 10:13 - 002163712 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201710161342290.dll
      2017-10-19 23:59 - 2017-10-19 23:59 - 002163712 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201710195926616.dll
      2017-10-24 10:14 - 2017-10-24 10:14 - 002172416 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201710241457563.dll
      2017-10-24 10:09 - 2017-10-24 10:09 - 002163712 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171024911435.dll
      2017-10-02 08:58 - 2017-10-02 08:58 - 002163200 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171025819305.dll
      2017-10-28 08:06 - 2017-10-28 08:06 - 002172416 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171028622139.dll
      2017-10-04 09:31 - 2017-10-04 09:31 - 002163200 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171043113370.dll
      2017-10-05 09:53 - 2017-10-05 09:53 - 002163200 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017105532580.dll
      2017-10-06 09:16 - 2017-10-06 09:16 - 002163200 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171061623730.dll
      2017-10-06 23:52 - 2017-10-06 23:52 - 002163712 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171065224505.dll
      2017-10-07 09:54 - 2017-10-07 09:54 - 002163712 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171075447890.dll
      2017-10-09 10:23 - 2017-10-09 10:23 - 002163712 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171092328422.dll
      2017-11-10 11:43 - 2017-11-10 11:43 - 002172416 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201711104321386.dll
      2017-11-01 10:23 - 2017-11-01 10:23 - 002172416 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171112339856.dll
      2017-11-02 00:52 - 2017-11-02 00:52 - 002172416 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171115225368.dll
      2017-11-17 12:11 - 2017-11-17 12:11 - 002172416 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171117111267.dll
      2017-11-18 19:17 - 2017-11-18 19:17 - 002172416 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201711181734927.dll
      2017-11-21 00:46 - 2017-11-21 00:46 - 002230784 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017112046238.dll
      2017-11-23 00:46 - 2017-11-23 00:46 - 002230784 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201711224618694.dll
      2017-11-25 09:12 - 2017-11-25 09:12 - 002230784 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201711251244928.dll
      2017-11-27 10:16 - 2017-11-27 10:16 - 002230784 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201711271659784.dll
      2017-11-06 09:42 - 2017-11-06 09:42 - 002172416 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171164236192.dll
      2017-11-08 10:10 - 2017-11-08 10:10 - 002172416 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017118103184.dll
      2017-11-09 00:50 - 2017-11-09 00:50 - 002172416 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171185049290.dll
      2017-12-11 11:10 - 2017-12-11 11:10 - 002230784 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171211109386.dll
      2017-12-16 10:08 - 2017-12-16 10:08 - 002230784 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171216841406.dll
      2017-12-20 10:30 - 2017-12-20 10:30 - 002230784 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171220300768.dll
      2017-12-21 09:59 - 2017-12-21 09:59 - 002228736 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171221599557.dll
      2017-12-25 11:52 - 2017-12-25 11:52 - 002228736 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201712255220697.dll
      2017-12-27 10:46 - 2017-12-27 10:46 - 002228736 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201712274620418.dll
      2017-12-28 10:30 - 2017-12-28 10:30 - 002228736 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171228304823.dll
      2017-12-30 09:54 - 2017-12-30 09:54 - 002228736 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201712305435151.dll
      2017-12-06 11:04 - 2017-12-06 11:04 - 002230784 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017126459962.dll
      2017-05-16 23:45 - 2017-05-16 23:45 - 001980416 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20175164533688.dll
      2017-05-19 08:44 - 2017-05-19 08:44 - 002008064 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20175194420141.dll
      2017-05-20 06:44 - 2017-05-20 06:44 - 002008064 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20175204459667.dll
      2017-05-24 09:17 - 2017-05-24 09:17 - 002008064 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017524175694.dll
      2017-05-29 08:07 - 2017-05-29 08:07 - 002008064 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20175297735.dll
      2017-06-13 07:40 - 2017-06-13 07:40 - 002011648 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20176134013374.dll
      2017-06-13 23:42 - 2017-06-13 23:42 - 002011648 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017613428192.dll
      2017-06-16 08:07 - 2017-06-16 08:07 - 002011648 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017616745230.dll
      2017-06-17 20:54 - 2017-06-17 20:54 - 002011648 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20176175444375.dll
      2017-06-20 12:39 - 2017-06-20 12:39 - 002011648 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017620392713.dll
      2017-06-22 07:31 - 2017-06-22 07:31 - 002011648 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20176223128826.dll
      2017-06-30 08:43 - 2017-06-30 08:43 - 002011648 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017630439814.dll
      2017-06-05 13:34 - 2017-06-05 13:34 - 002011648 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017653419350.dll
      2017-06-06 23:39 - 2017-06-06 23:39 - 002011648 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017663958437.dll
      2017-06-08 18:49 - 2017-06-08 18:49 - 002011648 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017684938352.dll
      2017-07-10 18:05 - 2017-07-10 18:05 - 001972736 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017710548407.dll
      2017-07-14 18:41 - 2017-07-14 18:41 - 001973248 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017714411279.dll
      2017-07-18 23:54 - 2017-07-18 23:54 - 001973248 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20177185419573.dll
      2017-07-21 05:15 - 2017-07-21 05:15 - 001973760 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20177211525566.dll
      2017-07-27 09:55 - 2017-07-27 09:55 - 001973760 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20177275517760.dll
      2017-07-28 04:57 - 2017-07-28 04:57 - 001973760 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20177285736189.dll
      2017-07-03 08:19 - 2017-07-03 08:19 - 001972736 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017731946996.dll
      2017-07-04 09:07 - 2017-07-04 09:07 - 001972736 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201774732193.dll
      2017-08-01 08:38 - 2017-08-01 08:38 - 001973760 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201781381180.dll
      2017-08-16 05:06 - 2017-08-16 05:06 - 001973760 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017816647150.dll
      2017-08-18 04:56 - 2017-08-18 04:56 - 001999360 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20178185624580.dll
      2017-08-20 07:53 - 2017-08-20 07:53 - 001999360 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20178205358978.dll
      2017-08-23 09:46 - 2017-08-23 09:46 - 001999360 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20178234653479.dll
      2017-08-26 09:05 - 2017-08-26 09:05 - 001999360 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017826549919.dll
      2017-08-31 08:56 - 2017-08-31 08:56 - 001999872 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017831561686.dll
      2017-08-05 07:40 - 2017-08-05 07:40 - 001973760 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017854013409.dll
      2017-08-06 22:28 - 2017-08-06 22:28 - 001973760 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017862837477.dll
      2017-08-09 09:31 - 2017-08-09 09:31 - 001973760 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017893159204.dll
      2017-09-14 08:52 - 2017-09-14 08:52 - 001999872 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20179145250727.dll
      2017-09-20 08:56 - 2017-09-20 08:56 - 001999872 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20179205616444.dll
      2017-09-02 09:04 - 2017-09-02 09:04 - 001999872 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201792421331.dll
      2017-09-26 11:48 - 2017-09-26 11:48 - 001999872 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20179264854497.dll
      2017-09-28 00:05 - 2017-09-28 00:05 - 001999872 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017927529360.dll
      2017-09-07 04:56 - 2017-09-07 04:56 - 001999872 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017975639972.dll
      2018-01-16 10:06 - 2018-01-16 10:06 - 002329600 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201811662581.dll
      2018-01-18 00:32 - 2018-01-18 00:32 - 002329600 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20181173214934.dll
      2018-01-19 00:31 - 2018-01-19 00:31 - 002329600 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20181183124471.dll
      2018-01-21 11:17 - 2018-01-21 11:17 - 002329600 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20181211757955.dll
      2018-01-04 11:38 - 2018-01-04 11:38 - 002228736 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2018143847667.dll
      2018-01-07 08:59 - 2018-01-07 08:59 - 002228736 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2018175955849.dll
      2018-01-09 10:29 - 2018-01-09 10:29 - 002228736 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2018192959337.dll
      2010-06-17 17:09 - 2010-06-17 17:09 - 000149352 ____R (Microsoft Corporation) C:\Users\Dellssd\AppData\Local\Temp\ose00000.exe
      2012-11-10 21:20 - 2012-11-10 21:20 - 000150600 ____R (Microsoft Corporation) C:\Users\Dellssd\AppData\Local\Temp\ose00001.exe
      2008-11-16 13:38 - 2008-11-16 13:38 - 000145184 ____R (Microsoft Corporation) C:\Users\Dellssd\AppData\Local\Temp\ose00002.exe
      2010-06-17 17:09 - 2010-06-17 17:09 - 000149352 ____R (Microsoft Corporation) C:\Users\Dellssd\AppData\Local\Temp\ose00003.exe
      2016-08-16 10:48 - 2016-08-16 10:48 - 000488960 _____ () C:\Users\Dellssd\AppData\Local\Temp\sqlite3.exe
      2017-04-22 19:34 - 2017-04-22 19:34 - 000181544 _____ () C:\Users\Dellssd\AppData\Local\Temp\ubar-yadownloader.exe
      2017-03-15 22:10 - 2017-03-15 22:10 - 014456872 _____ (Microsoft Corporation) C:\Users\Dellssd\AppData\Local\Temp\vc_redist.x86.exe
      2017-08-13 12:15 - 2017-08-13 12:15 - 030950664 _____ () C:\Users\Dellssd\AppData\Local\Temp\vlc-2.2.6-win32.exe
      2017-04-14 13:05 - 2017-04-14 13:05 - 000349280 _____ (Lavasoft) C:\Users\Dellssd\AppData\Local\Temp\WcInstaller.exe
      2017-04-22 21:17 - 2017-03-27 12:10 - 000237920 _____ () C:\Users\Dellssd\AppData\Local\Temp\YandexWorking.exe
      2017-03-30 21:07 - 2017-03-30 21:07 - 061980664 _____ (YANDEX LLC) C:\Users\Dellssd\AppData\Local\Temp\{13BD144E-5CAE-445E-ACAC-B02F6DDCF43E}.exe
      2016-10-20 12:07 - 2016-10-20 12:07 - 044295032 _____ (Google Inc.) C:\Users\Dellssd\AppData\Local\Temp\{486E4B52-BB14-452C-9A04-353419ACD5E8}-54.0.2840.71_chrome_installer.exe
      ==================== Bamital & volsnap ======================
      (There is no automatic fix for files that do not pass verification.)
      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\SysWOW64\wininit.exe => File is digitally signed
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\SysWOW64\explorer.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\SysWOW64\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\SysWOW64\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\SysWOW64\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
      LastRegBack: 2018-09-25 14:59
      ==================== End of FRST.txt ============================
      Addition.txt
    • от ivan_dimitrov26
      Добър ден. От няколко дни след зареждане на Windows-а се зарежда Chromuim (подобен на Google Chrome). Предполагам, че е влязъл с инсталиране на друга програма. Сканирах с Аваст, но не намери нищо. Компютърът е с по-стара операционна система, но се използва рядко.
      Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06.10.2018
      Ran by Administrator (administrator) on V002-16032D283A (09-10-2018 12:51:00)
      Running from C:\Documents and Settings\Administrator\Desktop
      Loaded Profiles: Administrator (Available Profiles: Administrator)
      Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
      Internet Explorer Version 8 (Default browser: IE)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
      (Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
      (Samsung Electronics.) C:\WINDOWS\Samsung\ComSMMgr\SSMMgr.exe
      (Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
      (Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
      (Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMax4.exe
      (NewSoft Technology Corporation) C:\Program Files\NewSoft\Smart Start UP\PnPDetect.exe
      (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
      (Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
      () C:\WINDOWS\Datecs\FType2K.exe
      (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
      (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
      (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
      (Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
      (Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
      (Google Inc.) C:\Program Files\Chrome\chrome32_49.0.2623.75\chrome.exe
      (Google Inc.) C:\Program Files\Chrome\chrome32_49.0.2623.75\chrome.exe
      (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
      (Google Inc.) C:\Program Files\Chrome\chrome32_49.0.2623.75\chrome.exe
      (Google Inc.) C:\Program Files\Chrome\chrome32_49.0.2623.75\chrome.exe
      (Google Inc.) C:\Program Files\Chrome\chrome32_49.0.2623.75\chrome.exe
      ==================== Registry (Whitelisted) ===========================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      HKLM\...\Run: [nwiz] => nwiz.exe /install
      HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
      HKLM\...\Run: [Samsung Common SM] => C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe [372736 2005-07-03] (Samsung Electronics.)
      HKLM\...\Run: [RemoteControl] => C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [32768 2005-01-12] (Cyberlink Corp.)
      HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [925696 2005-05-20] (Analog Devices, Inc.)
      HKLM\...\Run: [SoundMAX] => C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [716800 2005-09-07] (Analog Devices, Inc.)
      HKLM\...\Run: [Smart Start UP] => C:\Program Files\NewSoft\Smart Start UP\PnPDetect.exe [104528 2007-04-27] (NewSoft Technology Corporation)
      HKLM\...\Run: [NeroFilterCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
      HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-10-09] (AVAST Software)
      HKU\S-1-5-21-2025429265-842925246-1177238915-500\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27716568 2017-05-05] (Skype Technologies S.A.)
      HKU\S-1-5-21-2025429265-842925246-1177238915-500\...\Run: [MSMSGS] => C:\Program Files\Messenger\MSMSGS.EXE [1507600 2002-10-17] (Microsoft Corporation)
      HKU\S-1-5-21-2025429265-842925246-1177238915-500\...\Run: [Chromium] => c:\documents and settings\administrator\local settings\application data\chromium\application\chrome.exe [666624 2015-07-30] (The Chromium Authors)
      SecurityProviders: msapsspc.dll, schannel.dll, credssp.dll, digest.dll, msnsspc.dll
      Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\FlexType 2K.lnk [2018-10-06]
      ShortcutTarget: FlexType 2K.lnk -> C:\WINDOWS\Datecs\FType2K.exe ()
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
      Tcpip\..\Interfaces\{15E2290D-8571-410D-8D3C-128B92D7A9B4}: [DhcpNameServer] 192.168.0.1
      Internet Explorer:
      ==================
      HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
      HKU\S-1-5-19\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
      HKU\S-1-5-20\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
      HKU\S-1-5-21-2025429265-842925246-1177238915-500\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
      HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avast.com/AV772/
      HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
      HKU\S-1-5-21-2025429265-842925246-1177238915-500\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
      HKU\S-1-5-21-2025429265-842925246-1177238915-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avast.com/AV772/
      HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <==== ATTENTION
      SearchScopes: HKLM -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
      SearchScopes: HKLM -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
      SearchScopes: HKU\S-1-5-21-2025429265-842925246-1177238915-500 -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
      SearchScopes: HKU\S-1-5-21-2025429265-842925246-1177238915-500 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
      BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
      Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
      StartMenuInternet: IEXPLORE.EXE - iexplore.exe
      FireFox:
      ========
      FF DefaultProfile: wykzwtrk.default
      FF ProfilePath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\wykzwtrk.default [2018-10-09]
      FF Homepage: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\wykzwtrk.default -> hxxps://www.gbg.bg/
      FF Extension: (Avast Online Security) - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\wykzwtrk.default\Extensions\wrc@avast.com.xpi [2018-10-09]
      FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
      FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2018-10-05] [Legacy] [not signed]
      FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
      StartMenuInternet: FIREFOX.EXE - firefox.exe
      Chrome: 
      =======
      CHR Profile: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default [2018-10-09]
      CHR Extension: (Docs) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-04]
      CHR Extension: (Google Drive) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-04]
      CHR Extension: (YouTube) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-04]
      CHR Extension: (Google Docs Offline) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-04]
      CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-04]
      CHR Extension: (Gmail) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-10-04]
      StartMenuInternet: chrome.exe - C:\Program Files\Chrome\chrome32_49.0.2623.75\chrome.exe
      StartMenuInternet: Google Chrome - C:\Program Files\Chrome\chrome32_49.0.2623.75\chrome.exe
      ==================== Services (Whitelisted) ====================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6488376 2018-10-09] (AVAST Software)
      R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-10-09] (AVAST Software)
      S2 SkypeUpdate; C:\Program Files\Skype\Updater\Updater.exe [317400 2017-04-05] (Skype Technologies) [File not signed]
      ===================== Drivers (Whitelisted) ======================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R3 AEAudioService; C:\WINDOWS\System32\drivers\AEAudio.sys [127872 2005-03-04] (Andrea Electronics Corporation)
      R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [167552 2018-10-09] (AVAST Software)
      R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriverx.sys [188336 2018-10-09] (AVAST Software)
      R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidshx.sys [164944 2018-10-09] (AVAST Software)
      R0 aswblog; C:\WINDOWS\System32\drivers\aswblogx.sys [284320 2018-10-09] (AVAST Software)
      R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbunivx.sys [57968 2018-10-09] (AVAST Software)
      R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [196008 2018-10-09] (AVAST Software)
      S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [42808 2018-10-09] (AVAST Software)
      R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [135376 2018-10-09] (AVAST Software)
      R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr.sys [70840 2018-10-09] (AVAST Software)
      R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [73264 2018-10-09] (AVAST Software)
      R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [784112 2018-10-09] (AVAST Software)
      R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [396536 2018-10-09] (AVAST Software)
      R3 aswStmXP; C:\WINDOWS\System32\drivers\aswStmXP.sys [206976 2018-10-09] (AVAST Software)
      R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [311328 2018-10-09] (AVAST Software)
      R2 DgiVecp; C:\WINDOWS\System32\Drivers\DgiVecp.sys [41984 2005-03-14] (DeviceGuys, Inc.) [File not signed]
      R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
      R3 HCF_MSFT; C:\WINDOWS\System32\DRIVERS\HCF_MSFT.sys [907456 2001-08-17] (Conexant)
      R0 mv61xxmm; C:\WINDOWS\system32\Drivers\mv61xxmm.sys [14184 2014-02-12] (Marvell Semiconductor Inc.)
      R0 mv64xxmm; C:\WINDOWS\system32\Drivers\mv64xxmm.sys [5632 2014-02-12] (Marvell Semiconductor Inc.) [File not signed]
      R0 mvxxmm; C:\WINDOWS\system32\Drivers\mvxxmm.sys [14184 2014-02-12] (Marvell Semiconductor Inc.)
      R0 PxHelp20; C:\WINDOWS\System32\DRIVERS\PxHelp20.sys [20016 2003-10-28] (Sonic Solutions) [File not signed]
      R3 SenFiltService; C:\WINDOWS\System32\drivers\Senfilt.sys [393088 2005-08-11] (Sensaura)
      R3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [299424 2012-03-27] (Marvell)
      S4 IntelIde; no ImagePath
      U1 WS2IFSL; no ImagePath
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One Month Created files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-10-09 12:51 - 2018-10-09 12:51 - 000012972 _____ C:\Documents and Settings\Administrator\Desktop\FRST.txt
      2018-10-09 12:50 - 2018-10-09 12:51 - 000000000 ____D C:\FRST
      2018-10-09 12:47 - 2018-10-09 12:49 - 001774592 _____ (Farbar) C:\Documents and Settings\Administrator\Desktop\FRST.exe
      2018-10-09 08:45 - 2018-10-09 08:45 - 000000000 ____D C:\WINDOWS\CSC
      2018-10-09 08:42 - 2018-10-09 08:42 - 000323288 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
      2018-10-09 08:33 - 2018-10-09 08:33 - 000000000 ____D C:\Documents and Settings\Administrator\Application Data\AVAST Software
      2018-10-09 08:32 - 2018-10-09 08:32 - 000001689 _____ C:\Documents and Settings\All Users\Desktop\Avast Free Antivirus.lnk
      2018-10-09 08:32 - 2018-10-09 08:32 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVAST Software
      2018-10-09 08:31 - 2018-10-09 12:43 - 000000310 ____H C:\WINDOWS\Tasks\Avast Emergency Update.job
      2018-10-09 08:30 - 2018-10-09 08:43 - 000396536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
      2018-10-09 08:30 - 2018-10-09 08:43 - 000206976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStmXP.sys
      2018-10-09 08:30 - 2018-10-09 08:43 - 000135376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
      2018-10-09 08:30 - 2018-10-09 08:43 - 000073264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
      2018-10-09 08:30 - 2018-10-09 08:42 - 000784112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
      2018-10-09 08:30 - 2018-10-09 08:42 - 000311328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
      2018-10-09 08:30 - 2018-10-09 08:42 - 000196008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
      2018-10-09 08:30 - 2018-10-09 08:42 - 000167552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
      2018-10-09 08:30 - 2018-10-09 08:42 - 000070840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
      2018-10-09 08:30 - 2018-10-09 08:42 - 000042808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
      2018-10-09 08:30 - 2018-10-09 08:41 - 000284320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblogx.sys
      2018-10-09 08:30 - 2018-10-09 08:41 - 000188336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriverx.sys
      2018-10-09 08:30 - 2018-10-09 08:41 - 000164944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidshx.sys
      2018-10-09 08:30 - 2018-10-09 08:41 - 000057968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbunivx.sys
      2018-10-09 08:29 - 2018-10-09 08:29 - 000000000 ____D C:\Program Files\AVAST Software
      2018-10-08 13:13 - 2018-10-08 13:14 - 000000099 _____ C:\WINDOWS\Reimage.ini
      2018-10-08 13:13 - 2018-10-08 13:13 - 000000000 ____D C:\rei
      2018-10-07 09:40 - 2018-10-07 09:40 - 000000043 _____ C:\Documents and Settings\NetworkService\Application Data\WB.CFG
      2018-10-06 14:51 - 2018-10-06 14:51 - 000000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\CEF
      2018-10-06 14:48 - 2018-10-09 09:02 - 000000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\AVAST Software
      2018-10-06 14:46 - 2018-10-06 14:46 - 000000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Temp
      2018-10-06 14:45 - 2018-10-06 14:45 - 000000000 __HDC C:\WINDOWS\$NtUninstallWdf01009$
      2018-10-06 14:45 - 2008-11-07 18:55 - 000016928 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsgXP_2k3.dll
      2018-10-06 14:44 - 2018-10-06 14:43 - 001142072 _____ (Microsoft Corporation) C:\WINDOWS\ucrtbase.dll
      2018-10-06 14:42 - 2018-10-06 14:42 - 000000000 ____D C:\Documents and Settings\Administrator\Application Data\Media Player Classic
      2018-10-06 14:41 - 2018-10-06 14:42 - 000000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\chromium
      2018-10-06 14:40 - 2018-10-08 13:58 - 000000000 ____D C:\Documents and Settings\Administrator\Application Data\Namek
      2018-10-06 14:39 - 2018-10-09 12:32 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\AVAST Software
      2018-10-06 14:39 - 2018-10-06 14:39 - 000000717 _____ C:\Documents and Settings\All Users\Desktop\Crystal Player.lnk
      2018-10-06 14:39 - 2018-10-06 14:39 - 000000000 ____D C:\Program Files\Crystal Player
      2018-10-06 14:39 - 2018-10-06 14:39 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Crystal Player
      2018-10-06 14:39 - 2018-10-06 14:39 - 000000000 ____D C:\Documents and Settings\Administrator\Application Data\Crystal Player
      2018-10-06 14:37 - 2018-10-06 14:37 - 000000940 _____ C:\Documents and Settings\All Users\Desktop\Media Player Classic.lnk
      2018-10-06 14:37 - 2018-10-06 14:37 - 000000000 ____D C:\Program Files\K-Lite Codec Pack
      2018-10-06 14:37 - 2018-10-06 14:37 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack
      2018-10-06 14:37 - 2006-09-13 23:14 - 000593938 _____ C:\WINDOWS\system32\x264vfw.dll
      2018-10-06 14:37 - 2006-07-05 20:02 - 000005120 _____ C:\WINDOWS\system32\ff_vfw.dll
      2018-10-06 14:37 - 2006-07-03 23:40 - 000620180 _____ (DivX, Inc.) C:\WINDOWS\system32\divx.dll
      2018-10-06 14:37 - 2006-06-21 12:42 - 001044480 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\system32\libdivx.dll
      2018-10-06 14:37 - 2006-06-21 12:42 - 000200704 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\system32\ssldivx.dll
      2018-10-06 14:37 - 2006-05-25 00:47 - 003596288 _____ C:\WINDOWS\system32\qt-dx331.dll
      2018-10-06 14:37 - 2006-05-25 00:46 - 000200704 _____ (DivXNetworks) C:\WINDOWS\system32\dtu100.dll
      2018-10-06 14:37 - 2006-05-13 23:16 - 000118784 _____ (fccHandler) C:\WINDOWS\system32\ac3acm.acm
      2018-10-06 14:37 - 2006-04-20 16:00 - 000856064 _____ C:\WINDOWS\system32\xvidcore.dll
      2018-10-06 14:37 - 2006-04-08 03:13 - 000090112 _____ (DivXNetworks) C:\WINDOWS\system32\dpl100.dll
      2018-10-06 14:37 - 2006-02-27 15:30 - 000217088 _____ C:\WINDOWS\system32\xvidvfw.dll
      2018-10-06 14:37 - 2005-02-24 18:56 - 000000547 _____ C:\WINDOWS\system32\ff_vfw.dll.manifest
      2018-10-06 14:37 - 2003-06-23 02:44 - 001415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMV9VCM.dll
      2018-10-06 14:26 - 2018-10-06 14:26 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Datecs Applications
      2018-10-06 14:20 - 2018-10-06 14:20 - 000000763 _____ C:\Documents and Settings\Administrator\Desktop\BSPlayer.lnk
      2018-10-06 14:20 - 2018-10-06 14:20 - 000000000 ____D C:\Program Files\Webteh
      2018-10-06 14:20 - 2018-10-06 14:20 - 000000000 ____D C:\Documents and Settings\Administrator\Start Menu\Programs\Webteh
      2018-10-06 09:28 - 2018-10-06 14:57 - 000000654 _____ C:\Documents and Settings\Administrator\Desktop\Winamp.lnk
      2018-10-06 09:28 - 2018-10-06 14:57 - 000000000 ____D C:\Program Files\Winamp
      2018-10-06 09:28 - 2018-10-06 09:28 - 000000000 ____D C:\Documents and Settings\Administrator\Start Menu\Programs\Winamp
      2018-10-05 12:45 - 2018-10-05 12:45 - 000053248 _____ C:\WINDOWS\system32\zlib.dll
      2018-10-05 09:04 - 2018-10-05 09:04 - 000001106 _____ C:\Documents and Settings\Administrator\Desktop\Nero Burning ROM.lnk
      2018-10-05 09:02 - 2018-10-05 09:03 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Nero
      2018-10-05 09:02 - 2018-10-05 09:02 - 000000000 ____D C:\Program Files\Common Files\Ahead
      2018-10-05 09:02 - 2004-03-03 20:30 - 000125184 _____ (Ahead Software AG) C:\WINDOWS\system32\Drivers\imagesrv.sys
      2018-10-05 09:02 - 2004-03-03 20:30 - 000005504 _____ (Ahead Software AG) C:\WINDOWS\system32\Drivers\imagedrv.sys
      2018-10-05 09:02 - 2001-07-09 10:50 - 000155648 _____ (Ahead Software Gmbh) C:\WINDOWS\system32\NeroCheck.exe
      2018-10-05 09:02 - 2001-07-06 17:24 - 000283920 _____ (Pegasus Software, LLC) C:\WINDOWS\system32\ImagXpr5.dll
      2018-10-05 09:02 - 2001-07-06 13:41 - 000569344 _____ (Pegasus Software,LLC) C:\WINDOWS\system32\imagr5.dll
      2018-10-05 09:02 - 2001-07-06 11:44 - 000544768 _____ (Pegasus Software, LLC) C:\WINDOWS\system32\imagx5.dll
      2018-10-05 09:02 - 2001-06-26 07:15 - 000038912 _____ (Pegasus Imaging Corp.) C:\WINDOWS\system32\picn20.dll
      2018-10-05 09:02 - 2000-06-26 10:45 - 000106496 _____ (Pegasus Software) C:\WINDOWS\system32\TwnLib20.dll
      2018-10-05 08:52 - 2018-10-05 08:52 - 000000000 ____D C:\Program Files\MSECache
      2018-10-05 08:45 - 2018-10-05 08:45 - 000000000 ____D C:\Documents and Settings\Administrator\My Documents\My Skype Received Files
      2018-10-05 08:45 - 2018-10-05 08:45 - 000000000 ____D C:\Documents and Settings\Administrator\My Documents\My Skype Pictures
      2018-10-05 08:45 - 2018-10-05 08:45 - 000000000 ____D C:\Documents and Settings\Administrator\My Documents\My Skype Content
      2018-10-05 08:36 - 2018-10-05 08:36 - 000154568 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
      2018-10-05 08:35 - 2018-10-05 08:35 - 000000000 ____D C:\WINDOWS\system32\XPSViewer
      2018-10-05 08:34 - 2018-10-05 08:34 - 000000000 ____D C:\Program Files\Reference Assemblies
      2018-10-05 08:34 - 2018-10-05 08:34 - 000000000 ____D C:\Program Files\MSBuild
      2018-10-05 08:34 - 2008-11-07 18:55 - 000026144 _____ (Microsoft Corporation) C:\WINDOWS\system32\spupdsvc.exe
      2018-10-05 08:34 - 2008-07-06 15:06 - 001676288 ____N (Microsoft Corporation) C:\WINDOWS\system32\xpssvcs.dll
      2018-10-05 08:34 - 2008-07-06 15:06 - 001676288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpssvcs.dll
      2018-10-05 08:34 - 2008-07-06 15:06 - 000575488 ____N (Microsoft Corporation) C:\WINDOWS\system32\xpsshhdr.dll
      2018-10-05 08:34 - 2008-07-06 15:06 - 000575488 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpsshhdr.dll
      2018-10-05 08:34 - 2008-07-06 15:06 - 000117760 ____N (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
      2018-10-05 08:34 - 2008-07-06 15:06 - 000089088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\filterpipelineprintproc.dll
      2018-10-05 08:34 - 2008-07-06 13:50 - 000597504 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\printfilterpipelinesvc.exe
      2018-10-05 08:34 - 2007-11-30 15:39 - 000017272 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsg.dll
      2018-10-05 08:33 - 2018-10-05 08:33 - 000000829 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
      2018-10-05 08:33 - 2018-10-05 08:33 - 000000000 ____D C:\Program Files\Messenger
      2018-10-05 08:31 - 2018-10-05 08:31 - 000000000 ____D C:\Program Files\Microsoft .NET Micro Framework
      2018-10-05 08:28 - 2018-10-05 08:28 - 000000853 _____ C:\Documents and Settings\All Users\Desktop\PDFArchitect.lnk
      2018-10-05 08:28 - 2018-10-05 08:28 - 000000706 _____ C:\Documents and Settings\All Users\Desktop\PDFCreator.lnk
      2018-10-05 08:28 - 2018-10-05 08:28 - 000000000 ____D C:\Program Files\PDFCreator
      2018-10-05 08:28 - 2018-10-05 08:28 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\PDFCreator
      2018-10-05 08:28 - 2018-10-05 08:28 - 000000000 ____D C:\Documents and Settings\Administrator\Application Data\pdfforge
      2018-10-05 08:28 - 2012-03-05 21:04 - 000054272 _____ (pdfforge GbR) C:\WINDOWS\system32\pdfcmon.dll
      2018-10-05 08:27 - 2018-10-05 08:27 - 000000000 ____D C:\WINDOWS\system32\appmgmt
      2018-10-04 14:04 - 2018-10-04 14:04 - 000000738 _____ C:\Documents and Settings\Administrator\Desktop\Outlook Express.lnk
      2018-10-04 14:03 - 2018-10-04 14:03 - 000002016 _____ C:\Documents and Settings\Administrator\Desktop\Microsoft Office PowerPoint 2003 (2).lnk
      2018-10-04 12:43 - 2018-10-04 12:43 - 000001527 _____ C:\Documents and Settings\Administrator\Desktop\Tour Windows XP.lnk
      2018-10-04 12:37 - 2018-10-04 12:37 - 000000702 _____ C:\Documents and Settings\All Users\Desktop\MozBackup.lnk
      2018-10-04 12:37 - 2018-10-04 12:37 - 000000000 ____D C:\Program Files\MozBackup
      2018-10-04 12:37 - 2018-10-04 12:37 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\MozBackup
      2018-10-04 12:37 - 2018-09-29 12:42 - 000000775 _____ C:\Documents and Settings\Administrator\My Documents\indexfile.txt
      2018-10-04 12:34 - 2018-10-08 08:43 - 000000000 ____D C:\Documents and Settings\Administrator\My Documents\Изтегляния
      2018-10-04 12:30 - 2018-10-04 12:30 - 000000754 _____ C:\Documents and Settings\All Users\Desktop\YoWindow.lnk
      2018-10-04 12:30 - 2018-10-04 12:30 - 000000000 ____D C:\Program Files\YoWindow
      2018-10-04 12:30 - 2018-10-04 12:30 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\YoWindow
      2018-10-04 12:30 - 2018-10-04 12:30 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\YoWindow
      2018-10-04 12:28 - 2018-10-04 12:28 - 000001487 _____ C:\Documents and Settings\Administrator\Start Menu\Programs\Windows Explorer (2).lnk
      2018-10-04 12:25 - 2018-10-04 12:25 - 000000784 _____ C:\Documents and Settings\Administrator\Desktop\ESET Online Scanner.lnk
      2018-10-04 12:20 - 2018-10-04 12:20 - 000000000 ____D C:\Program Files\Marvell
      2018-10-04 12:20 - 2012-03-27 17:48 - 000299424 _____ (Marvell) C:\WINDOWS\system32\Drivers\yk51x86.sys
      2018-10-04 08:51 - 2018-10-09 09:05 - 000000000 ____D C:\Documents and Settings\Administrator\My Documents\My Photo
      2018-10-04 08:48 - 2018-10-06 14:25 - 000002497 _____ C:\Documents and Settings\Administrator\Desktop\Microsoft Office Word 2003 (2).lnk
      2018-10-04 08:48 - 2018-10-04 08:48 - 000002044 _____ C:\Documents and Settings\Administrator\Desktop\Microsoft Office Excel 2003 (2).lnk
      2018-10-04 08:46 - 2018-10-09 09:22 - 000000192 _____ C:\WINDOWS\winamp.ini
      2018-10-04 08:46 - 2018-10-04 08:46 - 000001826 _____ C:\Documents and Settings\All Users\Desktop\Presto! Mr. Photo 4.lnk
      2018-10-04 08:46 - 2003-10-29 03:34 - 000462848 ____N (Sonic Solutions) C:\WINDOWS\system32\px.dll
      2018-10-04 08:46 - 2003-10-29 03:33 - 000286720 ____N (Sonic Solutions) C:\WINDOWS\system32\pxwave.dll
      2018-10-04 08:46 - 2003-10-29 03:33 - 000143360 ____N (Sonic Solutions) C:\WINDOWS\system32\pxmas.dll
      2018-10-04 08:46 - 2003-10-28 13:02 - 000053248 ____N C:\WINDOWS\system32\pxhpinst.exe
      2018-10-04 08:46 - 2003-10-28 13:02 - 000020016 ____N (Sonic Solutions) C:\WINDOWS\system32\Drivers\pxhelp20.sys
      2018-10-04 08:46 - 2003-10-27 12:00 - 000319488 ____N (Sonic Solutions) C:\WINDOWS\system32\pxdrv.dll
      2018-10-04 08:46 - 2003-10-14 12:00 - 000028672 ____N (Sonic Solutions) C:\WINDOWS\system32\vxblock.dll
      2018-10-04 08:45 - 2018-10-04 08:45 - 000000000 ____D C:\Program Files\NewSoft
      2018-10-04 08:45 - 2018-10-04 08:45 - 000000000 ____D C:\Program Files\Common Files\NewSoft
      2018-10-04 08:45 - 2018-10-04 08:45 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\NewSoft
      2018-10-04 08:45 - 2018-10-04 08:45 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\Newsoft
      2018-10-04 08:45 - 2018-10-04 08:45 - 000000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\NewSoft
      2018-10-04 08:45 - 1998-06-17 00:00 - 000385100 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVCRTD.DLL
      2018-10-04 08:43 - 2018-10-04 08:43 - 000000000 ____D C:\Documents and Settings\Administrator\Application Data\Canon
      2018-10-04 08:42 - 2018-10-04 08:42 - 000000000 ___HD C:\CanoScan
      2018-10-04 08:42 - 2018-10-04 08:42 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Canon
      2018-10-04 08:42 - 2013-07-03 01:59 - 000014976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbscan.sys
      2018-10-04 08:42 - 2013-07-03 01:59 - 000014976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbscan.sys
      2018-10-04 08:42 - 2005-06-23 22:17 - 000352256 _____ (CANON INC.) C:\WINDOWS\system32\CNQL1213.DLL
      2018-10-04 08:42 - 2005-02-28 13:20 - 000057344 _____ (CANON INC.) C:\WINDOWS\system32\CNQU110.DLL
      2018-10-04 08:38 - 2018-10-09 12:42 - 000000000 ____D C:\Documents and Settings\Administrator\Application Data\Skype
      2018-10-04 08:38 - 2018-10-05 13:45 - 000002265 _____ C:\Documents and Settings\All Users\Desktop\Skype.lnk
      2018-10-04 08:38 - 2018-10-04 08:38 - 000000000 ___RD C:\Program Files\Skype
      2018-10-04 08:38 - 2018-10-04 08:38 - 000000000 ____D C:\Program Files\Common Files\Skype
      2018-10-04 08:38 - 2018-10-04 08:38 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Skype
      2018-10-04 08:38 - 2018-10-04 08:38 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\Skype
      2018-10-04 08:38 - 2018-10-04 08:38 - 000000000 ____D C:\Documents and Settings\Administrator\Tracing
      2018-10-04 08:37 - 2018-10-08 12:43 - 000170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
      2018-10-04 08:37 - 2018-10-05 13:43 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\Package Cache
      2018-10-04 08:37 - 2018-10-04 08:37 - 000000777 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
      2018-10-04 08:37 - 2018-10-04 08:37 - 000000000 ____D C:\Program Files\Malwarebytes Anti-Malware
      2018-10-04 08:37 - 2018-10-04 08:37 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
      2018-10-04 08:37 - 2018-10-04 08:37 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
      2018-10-04 08:37 - 2016-03-10 14:09 - 000123264 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
      2018-10-04 08:37 - 2016-03-10 14:08 - 000024448 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
      2018-10-04 08:36 - 2018-10-06 14:51 - 000000000 ____D C:\Documents and Settings\Administrator\Application Data\vlc
      2018-10-04 08:36 - 2018-10-04 08:36 - 000000000 ____D C:\Program Files\VideoLAN
      2018-10-04 08:31 - 2018-10-04 08:31 - 000000000 ____D C:\Program Files\FinalWire
      2018-10-04 08:31 - 2018-10-04 08:31 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\FinalWire
      2018-10-03 18:55 - 2018-10-03 18:55 - 000000301 _____ C:\Documents and Settings\Administrator\Desktop\Shortcut to Sounds and Audio Devices.lnk
      2018-10-03 18:47 - 2018-10-05 12:33 - 000000000 ___RD C:\Documents and Settings\Administrator\Desktop\New Briefcase
      2018-10-03 18:35 - 2008-04-13 22:47 - 000083072 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wdmaud.sys
      2018-10-03 18:35 - 2008-04-13 22:47 - 000083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wdmaud.sys
      2018-10-03 18:35 - 2008-04-13 22:15 - 000006272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\splitter.sys
      2018-10-03 18:35 - 2008-04-13 22:15 - 000006272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\splitter.sys
      2018-10-03 18:34 - 2018-10-03 18:34 - 000000000 ____D C:\Program Files\Analog Devices
      2018-10-03 18:34 - 2018-10-03 18:34 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\SoundMAX
      2018-10-03 18:34 - 2008-04-14 03:42 - 000129536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ksproxy.ax
      2018-10-03 18:34 - 2008-04-14 03:42 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
      2018-10-03 18:34 - 2008-04-14 03:41 - 000004096 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ksuser.dll
      2018-10-03 18:34 - 2008-04-14 03:41 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksuser.dll
      2018-10-03 18:34 - 2008-04-13 22:45 - 000060800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sysaudio.sys
      2018-10-03 18:34 - 2008-04-13 22:45 - 000060800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sysaudio.sys
      2018-10-03 18:34 - 2008-04-13 22:15 - 000172416 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kmixer.sys
      2018-10-03 18:34 - 2008-04-13 22:15 - 000172416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kmixer.sys
      2018-10-03 18:34 - 2008-04-13 22:15 - 000060160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\drmk.sys
      2018-10-03 18:34 - 2008-04-13 22:15 - 000060160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmk.sys
      2018-10-03 18:34 - 2008-04-13 22:15 - 000056576 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\swmidi.sys
      2018-10-03 18:34 - 2008-04-13 22:15 - 000056576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\swmidi.sys
      2018-10-03 18:34 - 2008-04-13 22:15 - 000052864 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dmusic.sys
      2018-10-03 18:34 - 2008-04-13 22:15 - 000052864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\DMusic.sys
      2018-10-03 18:34 - 2008-04-13 22:15 - 000002944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\drmkaud.sys
      2018-10-03 18:34 - 2008-04-13 22:15 - 000002944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmkaud.sys
      2018-10-03 18:34 - 2008-04-13 22:09 - 000007552 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mskssrv.sys
      2018-10-03 18:34 - 2008-04-13 22:09 - 000007552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MSKSSRV.sys
      2018-10-03 18:34 - 2008-04-13 22:09 - 000005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mspclock.sys
      2018-10-03 18:34 - 2008-04-13 22:09 - 000005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MSPCLOCK.sys
      2018-10-03 18:34 - 2008-04-13 22:09 - 000004992 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mspqm.sys
      2018-10-03 18:34 - 2008-04-13 22:09 - 000004992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MSPQM.sys
      2018-10-03 18:34 - 2008-04-13 20:09 - 000142592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aec.sys
      2018-10-03 18:34 - 2008-04-13 20:09 - 000142592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\aec.sys
      2018-10-03 18:34 - 2008-03-21 11:35 - 000146048 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\portcls.sys
      2018-10-03 18:34 - 2008-03-21 11:35 - 000146048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
      2018-10-03 18:34 - 2005-09-26 16:20 - 000049152 _____ (Analog Devices Inc.) C:\WINDOWS\system32\DSndUp.exe
      2018-10-03 18:34 - 2005-05-04 09:20 - 000053248 ____N (Analog Devices Inc.) C:\WINDOWS\system32\wdmioctl.dll
      2018-10-03 18:34 - 2002-04-17 15:05 - 000045056 ____N (adi) C:\WINDOWS\system32\CleanUp.exe
      2018-10-03 18:34 - 2001-09-11 15:20 - 001285632 ____N (Analog Devices) C:\WINDOWS\system32\SMMedia.dll
      2018-10-03 18:31 - 2018-10-03 18:31 - 000000000 ____D C:\Program Files\Realtek
      2018-10-03 18:31 - 2018-10-03 18:31 - 000000000 ____D C:\Program Files\Intel Desktop Board
      2018-10-03 18:30 - 2018-10-07 09:22 - 000069800 _____ C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
      2018-10-03 18:30 - 2018-10-03 18:30 - 000000000 ____D C:\Documents and Settings\Administrator\Application Data\DriverDR.com
      2018-10-03 14:32 - 2018-10-03 14:22 - 000000804 _____ C:\Documents and Settings\Administrator\Desktop\Windows Media Player.lnk
      2018-10-03 14:29 - 2018-10-03 14:29 - 000001487 _____ C:\Documents and Settings\All Users\Desktop\ICQ6.5.lnk
      2018-10-03 14:29 - 2018-10-03 14:29 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\ICQ6.5
      2018-10-03 14:28 - 2018-10-08 09:25 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\ICQ
      2018-10-03 14:28 - 2018-10-03 14:49 - 000000000 ____D C:\Program Files\ICQ6.5
      2018-10-03 14:28 - 2018-10-03 14:28 - 000000000 ____D C:\Documents and Settings\Administrator\Application Data\ICQ
      2018-10-03 14:27 - 2018-10-03 14:27 - 000000000 ____D C:\Program Files\SpeedFan
      2018-10-03 14:27 - 2018-10-03 14:27 - 000000000 ____D C:\Documents and Settings\Administrator\Start Menu\Programs\SpeedFan
      2018-10-03 14:21 - 2018-10-03 14:22 - 000000000 ____D C:\WINDOWS\RegisteredPackages
      2018-10-03 14:19 - 2018-10-06 14:49 - 000000116 _____ C:\WINDOWS\NeroDigital.ini
      2018-10-03 14:19 - 2018-10-03 14:19 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\CyberLink
      2018-10-03 14:19 - 2018-10-03 14:19 - 000000000 ____D C:\Documents and Settings\Administrator\My Documents\CyberLink
      2018-10-03 14:19 - 2018-10-03 14:19 - 000000000 ____D C:\Documents and Settings\Administrator\Application Data\CyberLink
      2018-10-03 14:17 - 2018-10-05 09:02 - 000000000 ____D C:\Program Files\Ahead
      2018-10-03 14:16 - 2018-10-03 14:16 - 000001684 _____ C:\Documents and Settings\All Users\Desktop\CyberLink PowerDVD.lnk
      2018-10-03 14:16 - 2018-10-03 14:16 - 000000000 ____D C:\Program Files\CyberLink
      2018-10-03 14:16 - 2018-10-03 14:16 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\CyberLink PowerDVD
      2018-10-03 14:14 - 2018-10-03 14:14 - 000000857 _____ C:\Documents and Settings\All Users\Desktop\Wise Disk Cleaner.lnk
      2018-10-03 14:14 - 2018-10-03 14:14 - 000000000 ____D C:\Program Files\Wise
      2018-10-03 14:14 - 2018-10-03 14:14 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Wise Disk Cleaner
      2018-10-03 14:13 - 2018-10-04 12:30 - 000000000 ____D C:\Documents and Settings\Administrator\Application Data\YoWindow
      2018-10-03 14:12 - 2018-10-03 14:12 - 000000755 _____ C:\Documents and Settings\All Users\Desktop\Billiards.lnk
      2018-10-03 14:12 - 2018-10-03 14:12 - 000000000 ____D C:\Program Files\IrfanView
      2018-10-03 14:12 - 2018-10-03 14:12 - 000000000 ____D C:\Program Files\ePlaybus.com
      2018-10-03 14:12 - 2018-10-03 14:12 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\ePlaybus.com
      2018-10-03 14:12 - 2018-10-03 14:12 - 000000000 ____D C:\Documents and Settings\Administrator\Start Menu\Programs\IrfanView
      2018-10-03 14:11 - 2018-10-03 14:11 - 000000000 ____D C:\Program Files\ESET
      2018-10-03 14:10 - 2018-10-06 14:26 - 000000000 ____D C:\WINDOWS\Datecs
      2018-10-03 14:10 - 2018-10-03 14:10 - 000000000 ____D C:\Documents and Settings\Administrator\Start Menu\Programs\Datecs Applications
      2018-10-03 14:10 - 2000-06-08 17:00 - 000000398 _____ C:\WINDOWS\system32\kbdus.kbd
      2018-10-03 14:10 - 1997-01-06 11:35 - 000005120 _____ (Datecs Ltd. ) C:\WINDOWS\system32\vga856.fon
      2018-10-03 14:09 - 2018-10-03 14:09 - 000001487 _____ C:\Documents and Settings\Administrator\Desktop\Windows Explorer (2).lnk
      2018-10-03 14:07 - 2018-10-03 13:19 - 000000856 _____ C:\Documents and Settings\Administrator\Start Menu\Programs\Copy of Shortcut to chrome.lnk
      2018-10-03 13:19 - 2018-10-03 13:19 - 000000856 _____ C:\Documents and Settings\Administrator\Desktop\Google chrome.lnk
      2018-10-03 11:52 - 2013-08-09 00:55 - 000032384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbccgp.sys
      2018-10-03 11:52 - 2013-08-09 00:55 - 000032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
      2018-10-03 11:52 - 2008-04-14 03:41 - 000021504 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidserv.dll
      2018-10-03 11:52 - 2008-04-14 03:41 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidserv.dll
      2018-10-03 11:52 - 2008-04-13 22:15 - 000010368 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidusb.sys
      2018-10-03 11:52 - 2008-04-13 22:15 - 000010368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
      2018-10-03 11:52 - 2008-04-13 22:09 - 000014592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdhid.sys
      2018-10-03 11:52 - 2008-04-13 22:09 - 000014592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
      2018-10-03 11:52 - 2001-08-17 11:48 - 000012160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mouhid.sys
      2018-10-03 11:52 - 2001-08-17 11:48 - 000012160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
      2018-10-02 08:49 - 2018-10-02 08:49 - 000000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe
      2018-10-02 08:45 - 2018-10-02 08:45 - 000000376 _____ C:\WINDOWS\ODBC.INI
      2018-10-02 08:45 - 2003-06-18 17:31 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdimon.dll
      2018-10-02 08:44 - 2018-10-04 14:03 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office
      2018-10-02 08:44 - 2018-10-02 08:44 - 000002002 _____ C:\Documents and Settings\All Users\Start Menu\Open Office Document.lnk
      2018-10-02 08:44 - 2018-10-02 08:44 - 000001992 _____ C:\Documents and Settings\All Users\Start Menu\New Office Document.lnk
      2018-10-02 08:44 - 2018-10-02 08:44 - 000000000 ____D C:\Program Files\Microsoft Works
      2018-10-02 08:44 - 2018-10-02 08:44 - 000000000 ____D C:\Program Files\Microsoft Visual Studio
      2018-10-02 08:44 - 2018-10-02 08:44 - 000000000 ____D C:\Program Files\Microsoft ActiveSync
      2018-10-02 08:44 - 2018-10-02 08:44 - 000000000 ____D C:\Program Files\Common Files\L&H
      2018-10-02 08:44 - 2018-10-02 08:44 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
      2018-10-02 08:43 - 2018-10-05 08:52 - 000000000 ____D C:\Program Files\Microsoft Office
      2018-10-02 08:43 - 2018-10-02 08:44 - 000000000 ____D C:\WINDOWS\SHELLNEW
      2018-10-02 08:42 - 2018-10-02 08:42 - 000000000 __RHD C:\MSOCache
      2018-10-02 08:40 - 2018-10-04 08:45 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
      2018-10-02 08:40 - 2018-10-02 08:40 - 000000129 _____ C:\Documents and Settings\All Users\Desktop\SAMSUNG Dr.Printer.url
      2018-10-02 08:40 - 2018-10-02 08:40 - 000000000 ____D C:\Program Files\Samsung ML-2010 Series
      2018-10-02 08:40 - 2018-10-02 08:40 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Samsung ML-2010 Series
      2018-10-02 08:40 - 2005-04-08 05:29 - 000020622 _____ (Samsung Electronics.) C:\WINDOWS\system32\SUGS2LMK.DLL
      2018-10-02 08:40 - 2005-03-03 14:23 - 000000604 _____ C:\WINDOWS\system32\SUGS2LMK.SMT
      2018-10-02 08:40 - 2005-03-03 13:09 - 000057344 _____ (SEC) C:\WINDOWS\system32\SSCoInst.dll
      2018-10-02 08:40 - 2005-03-03 07:32 - 000151552 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\SSCoInst.exe
      2018-10-02 08:39 - 2018-10-02 08:40 - 000000000 ____D C:\WINDOWS\Samsung
      2018-10-02 08:39 - 2005-03-14 08:01 - 000208896 ____N (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\SSRemove.exe
      2018-10-02 08:39 - 2005-03-14 08:01 - 000041984 ____N (DeviceGuys, Inc.) C:\WINDOWS\system32\Drivers\DGIVECP.SYS
      2018-10-02 08:37 - 2018-10-02 08:37 - 000000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Help
      2018-10-02 08:37 - 2018-10-02 08:37 - 000000000 ____D C:\Documents and Settings\Administrator\Application Data\Help
      2018-10-01 15:58 - 2018-10-01 15:58 - 000000000 _____ C:\WINDOWS\system32\h323log.txt
      2018-10-01 15:56 - 2001-08-17 14:59 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\audstub.sys
      2018-10-01 15:55 - 2008-04-14 06:42 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbui.dll
      2018-10-01 15:55 - 2008-04-14 01:10 - 000057600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\redbook.sys
      2018-10-01 15:55 - 2001-08-17 14:28 - 000907456 _____ (Conexant) C:\WINDOWS\system32\Drivers\HCF_MSFT.sys
      2018-10-01 15:53 - 2018-10-05 08:52 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
      2018-10-01 15:53 - 2018-10-05 08:36 - 000506702 _____ C:\WINDOWS\system32\PerfStringBackup.INI
      2018-10-01 15:53 - 2018-10-01 15:53 - 000004444 _____ C:\WINDOWS\system32\pid.PNF
      2018-10-01 15:53 - 2018-10-01 15:53 - 000000000 ____D C:\Program Files\Common Files\SpeechEngines
      2018-10-01 15:53 - 2018-10-01 15:53 - 000000000 ____D C:\Program Files\Common Files\ODBC
      2018-10-01 15:53 - 2018-10-01 13:10 - 000004512 _____ C:\WINDOWS\imsins.BAK
      2018-10-01 15:53 - 2018-10-01 13:06 - 000004161 _____ C:\WINDOWS\ODBCINST.INI
      2018-10-01 15:53 - 2014-02-12 16:56 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\NOTEPAD.EXE
      2018-10-01 15:53 - 2008-04-14 14:00 - 001685606 ____C C:\WINDOWS\system32\dllcache\sam.spd
      2018-10-01 15:53 - 2008-04-14 14:00 - 000774144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\spttseng.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000741376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sapi.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000643717 ____C C:\WINDOWS\system32\dllcache\ltts1033.lxa
      2018-10-01 15:53 - 2008-04-14 14:00 - 000605050 ____C C:\WINDOWS\system32\dllcache\r1033tts.lxa
      2018-10-01 15:53 - 2008-04-14 14:00 - 000176157 ____C (Digi International, Inc.) C:\WINDOWS\system32\dllcache\dgrpsetu.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000176157 _____ (Digi International, Inc.) C:\WINDOWS\system32\dgrpsetu.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000155648 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sapi.cpl
      2018-10-01 15:53 - 2008-04-14 14:00 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system\WINSPOOL.DRV
      2018-10-01 15:53 - 2008-04-14 14:00 - 000126912 _____ (Microsoft Corporation) C:\WINDOWS\system\MSVIDEO.DLL
      2018-10-01 15:53 - 2008-04-14 14:00 - 000109456 _____ (Microsoft Corporation) C:\WINDOWS\system\AVIFILE.DLL
      2018-10-01 15:53 - 2008-04-14 14:00 - 000103424 ____C (Equinox Systems Inc.) C:\WINDOWS\system32\dllcache\eqnclass.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000103424 _____ (Equinox Systems Inc.) C:\WINDOWS\system32\EqnClass.Dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000085020 ____C (Digi International) C:\WINDOWS\system32\dllcache\dgsetup.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000085020 _____ (Digi International) C:\WINDOWS\system32\dgsetup.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system\OLECLI.DLL
      2018-10-01 15:53 - 2008-04-14 14:00 - 000077824 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\spcommon.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000073376 _____ (Microsoft Corporation) C:\WINDOWS\system\MCIAVI.DRV
      2018-10-01 15:53 - 2008-04-14 14:00 - 000069584 _____ (Microsoft Corporation) C:\WINDOWS\system\AVICAP.DLL
      2018-10-01 15:53 - 2008-04-14 14:00 - 000068768 _____ (Microsoft Corporation) C:\WINDOWS\system\MMSYSTEM.DLL
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066594 ____C C:\WINDOWS\system32\dllcache\c_869.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066594 ____C C:\WINDOWS\system32\dllcache\c_866.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066594 ____C C:\WINDOWS\system32\dllcache\c_857.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066594 ____C C:\WINDOWS\system32\dllcache\c_855.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066594 ____C C:\WINDOWS\system32\dllcache\c_852.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066594 ____C C:\WINDOWS\system32\dllcache\c_737.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066594 _____ C:\WINDOWS\system32\c_869.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066594 _____ C:\WINDOWS\system32\c_866.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066594 _____ C:\WINDOWS\system32\c_857.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066594 _____ C:\WINDOWS\system32\c_855.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066594 _____ C:\WINDOWS\system32\c_852.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066594 _____ C:\WINDOWS\system32\c_737.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_875.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_28603.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_28599.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_28597.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_28595.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_28594.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_20127.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_10082.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_10081.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_10029.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_10017.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_10010.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_10007.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_10006.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066082 _____ C:\WINDOWS\system32\c_875.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066082 _____ C:\WINDOWS\system32\c_28603.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066082 _____ C:\WINDOWS\system32\c_28599.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066082 _____ C:\WINDOWS\system32\C_28597.NLS
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066082 _____ C:\WINDOWS\system32\C_28595.NLS
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066082 _____ C:\WINDOWS\system32\C_28594.NLS
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066082 _____ C:\WINDOWS\system32\c_20127.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066082 _____ C:\WINDOWS\system32\c_10082.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066082 _____ C:\WINDOWS\system32\c_10081.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066082 _____ C:\WINDOWS\system32\c_10029.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066082 _____ C:\WINDOWS\system32\c_10017.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066082 _____ C:\WINDOWS\system32\c_10010.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066082 _____ C:\WINDOWS\system32\c_10007.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000066082 _____ C:\WINDOWS\system32\c_10006.nls
      2018-10-01 15:53 - 2008-04-14 14:00 - 000061440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\spcplui.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000036864 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sapisvr.exe
      2018-10-01 15:53 - 2008-04-14 14:00 - 000036656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dosapp.fon
      2018-10-01 15:53 - 2008-04-14 14:00 - 000032816 _____ (Microsoft Corporation) C:\WINDOWS\system\COMMDLG.DLL
      2018-10-01 15:53 - 2008-04-14 14:00 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system\MCIWAVE.DRV
      2018-10-01 15:53 - 2008-04-14 14:00 - 000025264 _____ (Microsoft Corporation) C:\WINDOWS\system\MCISEQ.DRV
      2018-10-01 15:53 - 2008-04-14 14:00 - 000024661 ____C (Perle Systems Ltd.) C:\WINDOWS\system32\dllcache\spxcoins.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000024661 _____ (Perle Systems Ltd.) C:\WINDOWS\system32\spxcoins.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system\OLESVR.DLL
      2018-10-01 15:53 - 2008-04-14 14:00 - 000022016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0408.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000019968 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt040e.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt041f.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0419.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0415.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0405.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000019200 _____ (Microsoft Corporation) C:\WINDOWS\system\TAPI.DLL
      2018-10-01 15:53 - 2008-04-14 14:00 - 000015360 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\taskman.exe
      2018-10-01 15:53 - 2008-04-14 14:00 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\TASKMAN.EXE
      2018-10-01 15:53 - 2008-04-14 14:00 - 000013600 _____ (Microsoft Corporation) C:\WINDOWS\system\WFWNET.DRV
      2018-10-01 15:53 - 2008-04-14 14:00 - 000013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irclass.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\irclass.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000011264 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irenum.sys
      2018-10-01 15:53 - 2008-04-14 14:00 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\irenum.sys
      2018-10-01 15:53 - 2008-04-14 14:00 - 000009936 _____ (Microsoft Corporation) C:\WINDOWS\system\LZEXPAND.DLL
      2018-10-01 15:53 - 2008-04-14 14:00 - 000009008 _____ (Microsoft Corporation) C:\WINDOWS\system\VER.DLL
      2018-10-01 15:53 - 2008-04-14 14:00 - 000008704 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\batt.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\batt.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000008192 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdhept.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000008192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdhept.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000007168 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdcz.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdcz.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006656 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdycl.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006656 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdsl1.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006656 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdsl.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006656 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdpl.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006656 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdhu.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006656 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdhela3.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006656 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdcz2.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006656 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdcz1.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006656 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdcr.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006656 ____N (Microsoft Corporation) C:\WINDOWS\system32\KBDAL.DLL
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdycl.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdsl1.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdsl.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdpl.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdhu.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdhela3.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdcz2.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdcz1.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdcr.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdal.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdtuq.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdtuf.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdlv1.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdlv.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdhela2.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdgkl.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdest.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdtuq.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdtuf.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdlv1.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdlv.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdhela2.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdgkl.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdest.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdmon.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdkyr.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdycc.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbduzb.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdur.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdtat.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdru1.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdru.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdro.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdpl1.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdlt1.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdlt.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdkaz.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdhu1.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdhe319.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdhe220.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdhe.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdbu.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdblr.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdazel.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdaze.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdycc.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbduzb.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdur.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdtat.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdru1.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdru.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdro.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdpl1.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdmon.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdlt1.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdlt.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdkyr.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdkaz.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdhu1.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdhe319.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdhe220.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdhe.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdbu.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdblr.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdazel.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdaze.dll
      2018-10-01 15:53 - 2008-04-14 14:00 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\system\SHELL.DLL
      2018-10-01 15:53 - 2008-04-14 14:00 - 000004048 _____ (Microsoft Corporation) C:\WINDOWS\system\TIMER.DRV
      2018-10-01 15:53 - 2008-04-14 14:00 - 000003360 _____ (Microsoft Corporation) C:\WINDOWS\system\SYSTEM.DRV
      2018-10-01 15:53 - 2008-04-14 14:00 - 000002577 ____N C:\WINDOWS\system32\CONFIG.TMP
      2018-10-01 15:53 - 2008-04-14 14:00 - 000002176 _____ (Microsoft Corporation) C:\WINDOWS\system\VGA.DRV
      2018-10-01 15:53 - 2008-04-14 14:00 - 000002032 _____ (Microsoft Corporation) C:\WINDOWS\system\MOUSE.DRV
      2018-10-01 15:53 - 2008-04-14 14:00 - 000002000 _____ (Microsoft Corporation) C:\WINDOWS\system\KEYBOARD.DRV
      2018-10-01 15:53 - 2008-04-14 14:00 - 000001744 _____ (Microsoft Corporation) C:\WINDOWS\system\SOUND.DRV
      2018-10-01 15:53 - 2008-04-14 14:00 - 000001688 _____ C:\WINDOWS\system32\AUTOEXEC.NT
      2018-10-01 15:53 - 2008-04-14 14:00 - 000001152 _____ (Microsoft Corporation) C:\WINDOWS\system\MMTASK.TSK
      2018-10-01 15:53 - 2008-04-14 14:00 - 000000888 ____C C:\WINDOWS\system32\dllcache\sam.sdf
      2018-10-01 15:53 - 2008-04-14 06:42 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\storprop.dll
      2018-10-01 15:52 - 2018-10-01 15:52 - 000000000 ____D C:\Documents and Settings\Default User\Local Settings\Temp
      2018-10-01 15:52 - 2018-10-01 13:11 - 000733603 _____ C:\WINDOWS\setuplog.txt
      2018-10-01 15:52 - 2009-01-09 21:19 - 001089593 ____C C:\WINDOWS\system32\dllcache\NTPRINT.CAT
      2018-10-01 15:52 - 2008-04-14 14:00 - 002144487 ____C C:\WINDOWS\system32\dllcache\NT5.CAT
      2018-10-01 15:52 - 2008-04-14 14:00 - 001296669 ____C C:\WINDOWS\system32\dllcache\SP3.CAT
      2018-10-01 15:52 - 2008-04-14 14:00 - 000797189 ____C C:\WINDOWS\system32\dllcache\NT5IIS.CAT
      2018-10-01 15:52 - 2008-04-14 14:00 - 000522220 ____C C:\WINDOWS\system32\dllcache\NT5INF.CAT
      2018-10-01 15:52 - 2008-04-14 14:00 - 000399645 ____C C:\WINDOWS\system32\dllcache\MAPIMIG.CAT
      2018-10-01 15:52 - 2008-04-14 14:00 - 000144484 ____C C:\WINDOWS\system32\dllcache\netfx.cat
      2018-10-01 15:52 - 2008-04-14 14:00 - 000112918 ____C C:\WINDOWS\system32\dllcache\tabletpc.cat
      2018-10-01 15:52 - 2008-04-14 14:00 - 000037484 ____C C:\WINDOWS\system32\dllcache\MW770.CAT
      2018-10-01 15:52 - 2008-04-14 14:00 - 000034747 ____C C:\WINDOWS\system32\dllcache\mediactr.cat
      2018-10-01 15:52 - 2008-04-14 14:00 - 000034063 ____C C:\WINDOWS\system32\dllcache\FP4.CAT
      2018-10-01 15:52 - 2008-04-14 14:00 - 000016535 ____C C:\WINDOWS\system32\dllcache\IMS.CAT
      2018-10-01 15:52 - 2008-04-14 14:00 - 000013472 ____C C:\WINDOWS\system32\dllcache\HPCRDP.CAT
      2018-10-01 15:52 - 2008-04-14 14:00 - 000010027 ____C C:\WINDOWS\system32\dllcache\MSTSWEB.CAT
      2018-10-01 15:52 - 2008-04-14 14:00 - 000008574 ____C C:\WINDOWS\system32\dllcache\IASNT4.CAT
      2018-10-01 15:52 - 2008-04-14 14:00 - 000007382 ____C C:\WINDOWS\system32\dllcache\OEMBIOS.CAT
      2018-10-01 15:52 - 2008-04-14 14:00 - 000007334 ____C C:\WINDOWS\system32\dllcache\wmerrenu.cat
      2018-10-01 15:51 - 2018-10-09 08:47 - 000000211 ___SH C:\boot.ini
      2018-10-01 15:51 - 2018-10-06 14:27 - 000272576 _____ C:\WINDOWS\system32\FNTCACHE.DAT
      2018-10-01 15:51 - 2018-10-03 14:17 - 000000000 ___HD C:\Documents and Settings\Default User
      2018-10-01 15:51 - 2018-10-01 15:51 - 001138688 _____ C:\WINDOWS\system32\config\software.sav
      2018-10-01 15:51 - 2018-10-01 15:51 - 000913408 _____ C:\WINDOWS\system32\config\system.sav
      2018-10-01 15:51 - 2018-10-01 15:51 - 000094208 _____ C:\WINDOWS\system32\config\default.sav
      2018-10-01 15:51 - 2018-10-01 13:12 - 000000000 ____D C:\Documents and Settings
      2018-10-01 15:51 - 2018-10-01 13:05 - 000000000 ____D C:\Documents and Settings\All Users
      2018-10-01 15:50 - 2018-10-01 15:51 - 000262144 _____ C:\WINDOWS\system32\config\userdiff
      2018-10-01 15:43 - 2018-10-09 08:43 - 000000000 ___HD C:\WINDOWS\inf
      2018-10-01 15:43 - 2018-10-08 09:27 - 000000000 ____D C:\WINDOWS\Driver Cache
      2018-10-01 15:43 - 2018-10-06 14:26 - 000000000 RSHDC C:\WINDOWS\system32\dllcache
      2018-10-01 15:43 - 2018-10-05 08:55 - 000000000 ____D C:\WINDOWS\system32\Macromed
      2018-10-01 15:43 - 2018-10-05 08:34 - 000000000 ____D C:\WINDOWS\system32\spool
      2018-10-01 15:43 - 2018-10-04 08:42 - 000000000 ____D C:\WINDOWS\Media
      2018-10-01 15:43 - 2018-10-03 18:34 - 000000000 ____D C:\WINDOWS\system
      2018-10-01 15:43 - 2018-10-03 14:21 - 000000000 ____D C:\WINDOWS\security
      2018-10-01 15:43 - 2018-10-03 14:21 - 000000000 ____D C:\WINDOWS\Help
      2018-10-01 15:43 - 2018-10-02 08:43 - 000000000 ____D C:\WINDOWS\pchealth
      2018-10-01 15:43 - 2018-10-01 15:51 - 000000000 ____D C:\WINDOWS\system32\usmt
      2018-10-01 15:43 - 2018-10-01 15:51 - 000000000 ____D C:\WINDOWS\system32\scripting
      2018-10-01 15:43 - 2018-10-01 15:51 - 000000000 ____D C:\WINDOWS\Network Diagnostic
      2018-10-01 15:43 - 2018-10-01 15:51 - 000000000 ____D C:\WINDOWS\L2Schemas
      2018-10-01 15:43 - 2018-10-01 15:50 - 000000000 ___SD C:\WINDOWS\Offline Web Pages
      2018-10-01 15:43 - 2018-10-01 15:50 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
      2018-10-01 15:43 - 2018-10-01 15:49 - 000000000 ____D C:\WINDOWS\system32\Setup
      2018-10-01 15:43 - 2018-10-01 15:49 - 000000000 ____D C:\WINDOWS\system32\npp
      2018-10-01 15:43 - 2018-10-01 15:49 - 000000000 ____D C:\WINDOWS\PeerNet
      2018-10-01 15:43 - 2018-10-01 15:49 - 000000000 ____D C:\WINDOWS\mui
      2018-10-01 15:43 - 2018-10-01 15:49 - 000000000 ____D C:\WINDOWS\msagent
      2018-10-01 15:43 - 2018-10-01 15:46 - 000000000 ____D C:\WINDOWS\system32\ras
      2018-10-01 15:43 - 2018-10-01 15:45 - 000000000 ____D C:\WINDOWS\system32\icsxml
      2018-10-01 15:43 - 2018-10-01 15:44 - 000000000 ____D C:\WINDOWS\system32\1033
      2018-10-01 15:43 - 2018-10-01 15:43 - 000000000 ____D C:\WINDOWS\system32\wins
      2018-10-01 15:43 - 2018-10-01 15:43 - 000000000 ____D C:\WINDOWS\system32\ShellExt
      2018-10-01 15:43 - 2018-10-01 15:43 - 000000000 ____D C:\WINDOWS\system32\PreInstall
      2018-10-01 15:43 - 2018-10-01 15:43 - 000000000 ____D C:\WINDOWS\system32\mui
      2018-10-01 15:43 - 2018-10-01 15:43 - 000000000 ____D C:\WINDOWS\system32\inetsrv
      2018-10-01 15:43 - 2018-10-01 15:43 - 000000000 ____D C:\WINDOWS\system32\IME
      2018-10-01 15:43 - 2018-10-01 15:43 - 000000000 ____D C:\WINDOWS\system32\export
      2018-10-01 15:43 - 2018-10-01 15:43 - 000000000 ____D C:\WINDOWS\system32\Drivers\disdn
      2018-10-01 15:43 - 2018-10-01 15:43 - 000000000 ____D C:\WINDOWS\system32\dhcp
      2018-10-01 15:43 - 2018-10-01 15:43 - 000000000 ____D C:\WINDOWS\system32\3com_dmi
      2018-10-01 15:43 - 2018-10-01 15:43 - 000000000 ____D C:\WINDOWS\system32\3076
      2018-10-01 15:43 - 2018-10-01 15:43 - 000000000 ____D C:\WINDOWS\system32\2052
      2018-10-01 15:43 - 2018-10-01 15:43 - 000000000 ____D C:\WINDOWS\system32\1054
      2018-10-01 15:43 - 2018-10-01 15:43 - 000000000 ____D C:\WINDOWS\system32\1042
      2018-10-01 15:43 - 2018-10-01 15:43 - 000000000 ____D C:\WINDOWS\system32\1041
      2018-10-01 15:43 - 2018-10-01 15:43 - 000000000 ____D C:\WINDOWS\system32\1037
      2018-10-01 15:43 - 2018-10-01 15:43 - 000000000 ____D C:\WINDOWS\system32\1031
      2018-10-01 15:43 - 2018-10-01 15:43 - 000000000 ____D C:\WINDOWS\system32\1028
      2018-10-01 15:43 - 2018-10-01 15:43 - 000000000 ____D C:\WINDOWS\system32\1025
      2018-10-01 15:43 - 2018-10-01 15:43 - 000000000 ____D C:\WINDOWS\Resources
      2018-10-01 15:43 - 2018-10-01 15:43 - 000000000 ____D C:\WINDOWS\Provisioning
      2018-10-01 15:43 - 2018-10-01 15:43 - 000000000 ____D C:\WINDOWS\msapps
      2018-10-01 15:43 - 2018-10-01 15:43 - 000000000 ____D C:\WINDOWS\java
      2018-10-01 15:43 - 2018-10-01 15:43 - 000000000 ____D C:\WINDOWS\Connection Wizard
      2018-10-01 15:43 - 2018-10-01 15:43 - 000000000 ____D C:\WINDOWS\addins
      2018-10-01 15:43 - 2018-10-01 13:06 - 000000000 ____D C:\WINDOWS\repair
      2018-10-01 15:43 - 2018-10-01 13:06 - 000000000 ____D C:\WINDOWS\ime
      2018-10-01 15:43 - 2018-10-01 13:05 - 000000000 ___RD C:\WINDOWS\Web
      2018-10-01 15:43 - 2018-10-01 13:05 - 000000000 ____D C:\WINDOWS\system32\ias
      2018-10-01 15:43 - 2018-10-01 13:03 - 000000000 ____D C:\WINDOWS\system32\oobe
      2018-10-01 15:43 - 2018-10-01 13:00 - 000000000 ____D C:\WINDOWS\Cursors
      2018-10-01 13:56 - 2018-10-02 08:49 - 000000000 ____D C:\Documents and Settings\Administrator\Application Data\Adobe
      2018-10-01 13:56 - 2018-10-01 13:56 - 000001804 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 9.lnk
      2018-10-01 13:56 - 2018-10-01 13:56 - 000001729 _____ C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
      2018-10-01 13:56 - 2018-10-01 13:56 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\Adobe
      2018-10-01 13:56 - 2018-10-01 13:56 - 000000000 ____D C:\Documents and Settings\Administrator\Application Data\Macromedia
      2018-10-01 13:55 - 2018-10-01 13:56 - 000000000 ____D C:\Program Files\Common Files\Adobe
      2018-10-01 13:55 - 2018-10-01 13:55 - 000000694 _____ C:\Documents and Settings\Administrator\Desktop\BitComet.lnk
      2018-10-01 13:55 - 2018-10-01 13:55 - 000000000 ____D C:\Program Files\BitComet
      2018-10-01 13:55 - 2018-10-01 13:55 - 000000000 ____D C:\Program Files\Adobe
      2018-10-01 13:55 - 2018-10-01 13:55 - 000000000 ____D C:\Documents and Settings\Administrator\Start Menu\Programs\BitComet
      2018-10-01 13:55 - 2018-10-01 13:55 - 000000000 _____ C:\WINDOWS\PROTOCOL.INI
      2018-10-01 13:54 - 2018-10-01 13:54 - 000000776 _____ C:\Documents and Settings\All Users\Start Menu\Programs\SA Dictionary.lnk
      2018-10-01 13:54 - 2018-10-01 13:54 - 000000770 _____ C:\Documents and Settings\All Users\Desktop\SA Dictionary.lnk
      2018-10-01 13:54 - 2018-10-01 13:54 - 000000000 ____D C:\Program Files\SA Dictionary 2004 Datacenter
      2018-10-01 13:54 - 1999-03-23 09:12 - 000299520 _____ (InstallShield Corporation, Inc.) C:\WINDOWS\uninst.exe
      2018-10-01 13:53 - 2018-10-03 14:11 - 000000000 ____D C:\Program Files\CPUID
      2018-10-01 13:53 - 2018-10-03 14:11 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\CPUID
      2018-10-01 13:53 - 2018-10-01 13:53 - 000000000 ____D C:\Documents and Settings\Administrator\WINDOWS
      2018-10-01 13:52 - 2018-10-01 13:52 - 000000000 ____D C:\Program Files\WinRAR
      2018-10-01 13:52 - 2018-10-01 13:52 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
      2018-10-01 13:52 - 2018-10-01 13:52 - 000000000 ____D C:\Documents and Settings\Administrator\Start Menu\Programs\WinRAR
      2018-10-01 13:50 - 2018-10-01 13:50 - 000000000 ____D C:\Program Files\Datecs
      2018-10-01 13:50 - 2002-04-23 00:17 - 000045056 _____ C:\WINDOWS\system32\newdll.dll
      2018-10-01 13:50 - 2000-11-17 08:47 - 000008992 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdbphz.dLL
      2018-10-01 13:50 - 2000-11-15 01:52 - 000006416 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdbds.Dll
      2018-10-01 13:50 - 1999-12-07 09:00 - 000006416 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdbp.Dll
      2018-10-01 13:50 - 1999-11-18 05:04 - 000007440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Kbddll.dll
      2018-10-01 13:50 - 1999-11-11 13:47 - 000006928 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdhebx.Dll
      2018-10-01 13:50 - 1999-11-11 13:47 - 000006416 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdinori.Dll
      2018-10-01 13:50 - 1999-11-11 13:47 - 000006416 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdinasa.Dll
      2018-10-01 13:50 - 1997-04-03 21:00 - 000066594 _____ C:\WINDOWS\system32\C_856.nls
      2018-10-01 13:50 - 1997-04-03 21:00 - 000008992 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBPH.dLL
      2018-10-01 13:41 - 2018-10-09 12:42 - 000088566 _____ C:\WINDOWS\system32\nvapps.xml
      2018-10-01 13:41 - 2018-10-01 13:43 - 000000000 ____D C:\WINDOWS\nview
      2018-10-01 13:41 - 2006-10-22 15:06 - 000208896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NVUNINST.EXE
      2018-10-01 13:41 - 2006-10-22 12:22 - 000208896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvudisp.exe
      2018-10-01 13:41 - 2006-10-22 12:22 - 000017056 _____ C:\WINDOWS\system32\nvdisp.nvu
      2018-10-01 13:40 - 2018-10-01 13:40 - 000000000 ____D C:\NVIDIA
      2018-10-01 13:39 - 2018-10-01 13:39 - 000000000 ____D C:\WINDOWS\pss
      2018-10-01 13:38 - 2015-08-16 17:29 - 042567136 _____ (NVIDIA Corporation ) C:\Documents and Settings\Administrator\Desktop\93.71_forceware_winxp2k_english_whql.exe
      2018-10-01 13:37 - 2018-10-04 13:35 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
      2018-10-01 13:37 - 2018-10-04 12:40 - 000000000 ____D C:\Program Files\Mozilla Firefox
      2018-10-01 13:37 - 2018-10-01 13:37 - 000000730 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
      2018-10-01 13:37 - 2018-10-01 13:37 - 000000724 _____ C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
      2018-10-01 13:37 - 2018-10-01 13:37 - 000000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla
      2018-10-01 13:37 - 2018-10-01 13:37 - 000000000 ____D C:\Documents and Settings\Administrator\Application Data\Mozilla
      2018-10-01 13:35 - 2018-10-01 13:35 - 000000000 ____D C:\Program Files\Chrome
      2018-10-01 13:35 - 2018-10-01 13:35 - 000000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Google
      2018-10-01 13:34 - 2008-04-13 22:15 - 000026368 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbstor.sys
      2018-10-01 13:34 - 2008-04-13 22:15 - 000026368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
      2018-10-01 13:33 - 2018-10-07 09:14 - 000006144 _____ C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      2018-10-01 13:19 - 2018-10-01 13:19 - 000000000 __SHD C:\Documents and Settings\Administrator\PrivacIE
      2018-10-01 13:14 - 2018-10-03 14:33 - 000000803 _____ C:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer.lnk
      2018-10-01 13:14 - 2008-04-14 14:00 - 000026991 ____C C:\WINDOWS\system32\dllcache\msn7.cat
      2018-10-01 13:14 - 2008-04-14 14:00 - 000014433 ____C C:\WINDOWS\system32\dllcache\msn9.cat
      2018-10-01 13:14 - 2008-04-14 14:00 - 000012363 ____C C:\WINDOWS\system32\dllcache\MSMSGS.CAT
      2018-10-01 13:13 - 2018-10-01 13:19 - 000000738 _____ C:\Documents and Settings\Administrator\Start Menu\Programs\Outlook Express.lnk
      2018-10-01 13:12 - 2018-10-09 12:53 - 000000000 ____D C:\Documents and Settings\Administrator\Local Settings\Temp
      2018-10-01 13:12 - 2018-10-09 12:41 - 000000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
      2018-10-01 13:12 - 2018-10-09 12:41 - 000000000 ____D C:\Documents and Settings\Administrator
      2018-10-01 13:12 - 2018-10-03 14:22 - 000000792 _____ C:\Documents and Settings\Administrator\Start Menu\Programs\Windows Media Player.lnk
      2018-10-01 13:12 - 2018-10-01 13:06 - 000001599 _____ C:\Documents and Settings\Administrator\Start Menu\Programs\Remote Assistance.lnk
      2018-10-01 13:12 - 2018-10-01 13:06 - 000000000 __SHD C:\Documents and Settings\Administrator\IETldCache
      2018-10-01 13:11 - 2018-10-09 12:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
      2018-10-01 13:11 - 2018-10-09 12:41 - 000017208 _____ C:\WINDOWS\SchedLgU.Txt
      2018-10-01 13:11 - 2018-10-01 13:11 - 000000020 ___SH C:\Documents and Settings\LocalService\ntuser.ini
      2018-10-01 13:11 - 2018-10-01 13:11 - 000000000 __SHD C:\Documents and Settings\LocalService
      2018-10-01 13:11 - 2018-10-01 13:11 - 000000000 ____D C:\Documents and Settings\LocalService\Local Settings\Temp
      2018-10-01 13:11 - 2018-10-01 13:06 - 000000000 __SHD C:\Documents and Settings\LocalService\IETldCache
      2018-10-01 13:10 - 2018-10-01 13:10 - 000008192 _____ C:\WINDOWS\REGLOCS.OLD
      2018-10-01 13:10 - 2018-10-01 13:10 - 000000020 ___SH C:\Documents and Settings\NetworkService\ntuser.ini
      2018-10-01 13:10 - 2018-10-01 13:10 - 000000000 __SHD C:\Documents and Settings\NetworkService
      2018-10-01 13:10 - 2018-10-01 13:10 - 000000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Temp
      2018-10-01 13:10 - 2018-10-01 13:06 - 000000000 __SHD C:\Documents and Settings\NetworkService\IETldCache
      2018-10-01 13:09 - 2014-02-12 16:56 - 000456704 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smtpsvc.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000571392 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tintlgnt.ime
      2018-10-01 13:09 - 2008-04-14 14:00 - 000455168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tintsetp.exe
      2018-10-01 13:09 - 2008-04-14 14:00 - 000426041 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\voicepad.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000364032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\w3svc.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000358400 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmpincl.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000259072 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmpcl.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000236544 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smi2smir.exe
      2018-10-01 13:09 - 2008-04-14 14:00 - 000221696 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\seo.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000188416 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmpsmir.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000185344 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\thawbrkr.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000156672 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winzm.ime
      2018-10-01 13:09 - 2008-04-14 14:00 - 000156672 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winsp.ime
      2018-10-01 13:09 - 2008-04-14 14:00 - 000156672 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winpy.ime
      2018-10-01 13:09 - 2008-04-14 14:00 - 000143422 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\softkey.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000103424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\uihelper.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000101376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\srusbusd.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000086073 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\voicesub.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000079872 ____C (Ricoh Co., Ltd.) C:\WINDOWS\system32\dllcache\rwia330.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000079872 ____C (Ricoh Co., Ltd.) C:\WINDOWS\system32\dllcache\rwia001.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000079360 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winar30.ime
      2018-10-01 13:09 - 2008-04-14 14:00 - 000076800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wam51.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000076288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\uniime.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000073728 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\w3ext.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000072704 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wingb.ime
      2018-10-01 13:09 - 2008-04-14 14:00 - 000065536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winime.ime
      2018-10-01 13:09 - 2008-04-14 14:00 - 000065024 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\unicdime.ime
      2018-10-01 13:09 - 2008-04-14 14:00 - 000053248 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wamreg51.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000048256 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\w32.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000046592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\svcext51.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000046592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sspifilt.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000045056 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ssinc51.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000044032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tintlphr.exe
      2018-10-01 13:09 - 2008-04-14 14:00 - 000041600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\weitekp9.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000039936 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmpthrd.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000038912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm9aw.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000033792 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tools.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000033280 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmp.exe
      2018-10-01 13:09 - 2008-04-14 14:00 - 000031744 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smb6w.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000031744 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sma3w.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000031232 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\weitekp9.sys
      2018-10-01 13:09 - 2008-04-14 14:00 - 000030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm87w.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm81w.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000029184 ____C (Ricoh Co., Ltd.) C:\WINDOWS\system32\dllcache\rw330ext.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000029184 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm8cw.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000028288 ____C C:\WINDOWS\system32\dllcache\xjis.nls
      2018-10-01 13:09 - 2008-04-14 14:00 - 000027648 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rw001ext.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000026624 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm93w.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000026624 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm92w.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm90w.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm8dw.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm8aw.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm89w.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\romanime.ime
      2018-10-01 13:09 - 2008-04-14 14:00 - 000025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm59w.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000021896 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tdipx.sys
      2018-10-01 13:09 - 2008-04-14 14:00 - 000019464 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tdspx.sys
      2018-10-01 13:09 - 2008-04-14 14:00 - 000018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\simptcp.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000016896 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\status.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000015872 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smierrsm.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000014848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\register.exe
      2018-10-01 13:09 - 2008-04-14 14:00 - 000014336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tsprof.exe
      2018-10-01 13:09 - 2008-04-14 14:00 - 000013192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tdasync.sys
      2018-10-01 13:09 - 2008-04-14 14:00 - 000010752 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smtpapi.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000010240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tmigrate.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000010240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmpstup.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000009728 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rwnh.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000009216 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wamps51.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000008704 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmptrap.exe
      2018-10-01 13:09 - 2008-04-14 14:00 - 000006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmpmib.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\w3svapi.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smimsgif.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smierrsy.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000004608 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\w3ctrs51.dll
      2018-10-01 13:09 - 2008-04-14 14:00 - 000004096 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rpcref.dll
      2018-10-01 13:09 - 2001-08-17 22:36 - 000057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_scripto.dll
      2018-10-01 13:09 - 2001-08-17 22:36 - 000026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_seos.dll
      2018-10-01 13:09 - 2001-08-17 22:36 - 000023040 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_regtrace.exe
      2018-10-01 13:09 - 2001-08-17 22:36 - 000012288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_smtpctrs.dll
      2018-10-01 13:09 - 2001-08-17 22:36 - 000007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_snprfdll.dll
      2018-10-01 13:08 - 2014-02-12 16:55 - 000257024 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\infocomm.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 010129408 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hwxkor.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 001875968 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msir3jp.lex
      2018-10-01 13:08 - 2008-04-14 14:00 - 001158818 ____C C:\WINDOWS\system32\dllcache\korwbrkr.lex
      2018-10-01 13:08 - 2008-04-14 14:00 - 000811064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjp81k.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000716856 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpcus.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000482304 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pintlgnt.ime
      2018-10-01 13:08 - 2008-04-14 14:00 - 000471102 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imskdic.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000368696 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpcic.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000340023 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjp81.ime
      2018-10-01 13:08 - 2008-04-14 14:00 - 000315455 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imskf.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000311359 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imepadsv.exe
      2018-10-01 13:08 - 2008-04-14 14:00 - 000307257 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpdct.exe
      2018-10-01 13:08 - 2008-04-14 14:00 - 000274489 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjputyc.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000262200 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjputy.exe
      2018-10-01 13:08 - 2008-04-14 14:00 - 000233527 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjprw.exe
      2018-10-01 13:08 - 2008-04-14 14:00 - 000229439 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\multibox.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000208952 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpmig.exe
      2018-10-01 13:08 - 2008-04-14 14:00 - 000196665 ____C C:\WINDOWS\system32\dllcache\imjpinst.exe
      2018-10-01 13:08 - 2008-04-14 14:00 - 000175104 ____C C:\WINDOWS\system32\dllcache\pintlcsa.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000155705 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpdsvr.exe
      2018-10-01 13:08 - 2008-04-14 14:00 - 000145408 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iische51.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000134339 ____C C:\WINDOWS\system32\dllcache\imekr.lex
      2018-10-01 13:08 - 2008-04-14 14:00 - 000131584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pmxviceo.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000119808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mtstocom.exe
      2018-10-01 13:08 - 2008-04-14 14:00 - 000106496 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imekrcic.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000102463 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imepadsm.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000102456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imlang.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000098304 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msir3jp.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000094720 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imekr61.ime
      2018-10-01 13:08 - 2008-04-14 14:00 - 000092416 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mga.sys
      2018-10-01 13:08 - 2008-04-14 14:00 - 000092032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mga.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000086016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imekrmbx.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000085504 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\metada51.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000083748 ____C C:\WINDOWS\system32\dllcache\prcp.nls
      2018-10-01 13:08 - 2008-04-14 14:00 - 000083748 ____C C:\WINDOWS\system32\dllcache\prc.nls
      2018-10-01 13:08 - 2008-04-14 14:00 - 000081976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpdct.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000079872 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iislog51.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000079360 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\phon.ime
      2018-10-01 13:08 - 2008-04-14 14:00 - 000077824 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\quick.ime
      2018-10-01 13:08 - 2008-04-14 14:00 - 000070656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\korwbrkr.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000070144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pintlphr.exe
      2018-10-01 13:08 - 2008-04-14 14:00 - 000067584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pmigrate.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000060928 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iisclex4.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000059904 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imkrinst.exe
      2018-10-01 13:08 - 2008-04-14 14:00 - 000059392 ____C C:\WINDOWS\system32\dllcache\imscinst.exe
      2018-10-01 13:08 - 2008-04-14 14:00 - 000057398 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpdadm.exe
      2018-10-01 13:08 - 2008-04-14 14:00 - 000053760 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pintlcsd.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000053248 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\nextlink.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000047066 ____C C:\WINDOWS\system32\dllcache\ksc.nls
      2018-10-01 13:08 - 2008-04-14 14:00 - 000045109 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpuex.exe
      2018-10-01 13:08 - 2008-04-14 14:00 - 000044544 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\nsepm.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000044032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imekrmig.exe
      2018-10-01 13:08 - 2008-04-14 14:00 - 000040960 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msiregmv.exe
      2018-10-01 13:08 - 2008-04-14 14:00 - 000037888 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\md5filt.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000036927 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\padrs411.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000035328 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iprip.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000033792 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\lmmib2.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000031744 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pagecnt.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000026624 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mdsync.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000026624 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iscomlog.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iisadmin.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000022528 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\lpdsvc.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000022016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\logscrpt.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000020992 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\permchk.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000020736 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ramdisk.sys
      2018-10-01 13:08 - 2008-04-14 14:00 - 000019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iiscrmap.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\lprmon.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000018432 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jupiw.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\quser.exe
      2018-10-01 13:08 - 2008-04-14 14:00 - 000015872 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\padrs404.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000015360 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\padrs804.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000015360 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetin51.exe
      2018-10-01 13:08 - 2008-04-14 14:00 - 000014336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\padrs412.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\lonsint.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000011264 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pmxmcro.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000009728 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\query.exe
      2018-10-01 13:08 - 2008-04-14 14:00 - 000009216 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdnecat.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000009216 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdnecat.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000009216 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iwrps.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000008704 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\infoctrs.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000007680 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdnecnt.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000007680 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pwsdata.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000007680 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\migregdb.exe
      2018-10-01 13:08 - 2008-04-14 14:00 - 000007680 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdnecnt.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000007168 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdnec95.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000007168 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdibm02.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdnec95.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdibm02.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\isapips.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iisfecnv.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000006656 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdlk41a.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdlk41a.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iissync.exe
      2018-10-01 13:08 - 2008-04-14 14:00 - 000006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdth3.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdth2.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdlk41j.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdinpun.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdax2.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbd106n.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbd101a.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbd101.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pmxgl.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdth3.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdth2.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdlk41j.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdinpun.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdax2.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbd106n.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbd101a.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbd101.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdvntc.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdusa.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdth1.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdth0.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdintel.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdintam.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdinmar.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdinkan.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdinhin.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdinguj.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdindev.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdheb.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdfa.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbda3.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbda2.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbda1.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdvntc.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdusa.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdurdu.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdth1.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdth0.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdsyr2.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdsyr1.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdintel.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdintam.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdinmar.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdinkan.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdinhin.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdinguj.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdindev.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdheb.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdfa.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbddiv2.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbddiv1.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbda3.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbda2.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbda1.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005120 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdgeo.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005120 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdarmw.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005120 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdarme.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdgeo.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdarmw.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000005120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdarme.dll
      2018-10-01 13:08 - 2008-04-14 14:00 - 000003584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iismui.dll
      2018-10-01 13:08 - 2001-08-17 22:36 - 000065536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_mailmsg.dll
      2018-10-01 13:08 - 2001-08-17 22:36 - 000038912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_ntfsdrv.dll
      2018-10-01 13:07 - 2014-02-12 16:55 - 000369664 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\asp51.dll
      2018-10-01 13:07 - 2014-02-12 16:55 - 000268288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\httpext.dll
      2018-10-01 13:07 - 2014-02-12 16:55 - 000229888 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxscover.exe
      2018-10-01 13:07 - 2014-02-12 16:55 - 000126464 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ftpsv251.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 013463552 ____C C:\WINDOWS\system32\dllcache\hwxjpn.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 010096640 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hwxcht.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 002134528 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smtpsnap.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 001677824 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chsbrkr.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000838144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chtbrkr.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000562176 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsst.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000514587 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\edb500.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000480256 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cintsetp.exe
      2018-10-01 13:07 - 2008-04-14 14:00 - 000451584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsapi.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000400384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsxp32.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000397312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxstiff.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000331264 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aqueue.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000285184 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxscomex.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000267776 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxssvc.exe
      2018-10-01 13:07 - 2008-04-14 14:00 - 000246272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxst30.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000218112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\c_g18030.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000198656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cintime.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000195618 ____C C:\WINDOWS\system32\dllcache\c_10002.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000192512 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxswzrd.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000189986 ____C C:\WINDOWS\system32\dllcache\c_1361.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000189440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smtpadm.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000187938 ____C C:\WINDOWS\system32\dllcache\c_20005.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000186402 ____C C:\WINDOWS\system32\dllcache\c_20001.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000185378 ____C C:\WINDOWS\system32\dllcache\c_20003.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000180770 ____C C:\WINDOWS\system32\dllcache\c_20932.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000180258 ____C C:\WINDOWS\system32\dllcache\c_20004.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000180258 ____C C:\WINDOWS\system32\dllcache\c_20000.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000177698 ____C C:\WINDOWS\system32\dllcache\c_20949.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000177698 ____C C:\WINDOWS\system32\dllcache\c_10003.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000173602 ____C C:\WINDOWS\system32\dllcache\c_20936.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000173602 ____C C:\WINDOWS\system32\dllcache\c_20002.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000173602 ____C C:\WINDOWS\system32\dllcache\c_10008.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000173568 ____C C:\WINDOWS\system32\dllcache\chtskf.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000162850 ____C C:\WINDOWS\system32\dllcache\c_10001.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000154112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsui.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000142848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsclnt.exe
      2018-10-01 13:07 - 2008-04-14 14:00 - 000132608 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsclntr.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000111104 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxscfgwz.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000108827 ____C C:\WINDOWS\system32\dllcache\hanja.lex
      2018-10-01 13:07 - 2008-04-14 14:00 - 000108544 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\appconf.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000101888 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\evntagnt.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chtmbx.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000092160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\evntwin.exe
      2018-10-01 13:07 - 2008-04-14 14:00 - 000082172 ____C C:\WINDOWS\system32\dllcache\bopomofo.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000078848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dayi.ime
      2018-10-01 13:07 - 2008-04-14 14:00 - 000078336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chajei.ime
      2018-10-01 13:07 - 2008-04-14 14:00 - 000072192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxscom.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066728 ____C C:\WINDOWS\system32\dllcache\big5.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066594 ____C C:\WINDOWS\system32\dllcache\c_864.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066594 ____C C:\WINDOWS\system32\dllcache\c_862.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066594 ____C C:\WINDOWS\system32\dllcache\c_858.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066594 ____C C:\WINDOWS\system32\dllcache\c_720.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_870.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_708.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_28596.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_21027.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_21025.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_20924.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_20880.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_20871.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_20838.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_20833.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_20424.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_20423.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_20420.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_20297.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_20290.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_20285.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_20284.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_20280.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_20278.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_20277.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_20273.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_20269.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_20108.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_20107.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_20106.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_20105.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_1149.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_1148.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_1147.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_1146.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_1145.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_1144.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_1143.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_1142.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_1141.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_1140.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_1047.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_10021.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_10005.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000066082 ____C C:\WINDOWS\system32\dllcache\c_10004.nls
      2018-10-01 13:07 - 2008-04-14 14:00 - 000061440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\httpod51.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000057856 ____C (SEIKO EPSON CORP.) C:\WINDOWS\system32\dllcache\esuimgd.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000057399 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cplexe.exe
      2018-10-01 13:07 - 2008-04-14 14:00 - 000056320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\convlog.exe
      2018-10-01 13:07 - 2008-04-14 14:00 - 000056320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chtskdic.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsevent.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000054528 ____C (Philips Semiconductors GmbH) C:\WINDOWS\system32\dllcache\cap7146.sys
      2018-10-01 13:07 - 2008-04-14 14:00 - 000049664 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\adrot.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000045568 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\browscap.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000045056 ____C (SEIKO EPSON CORP.) C:\WINDOWS\system32\dllcache\esunid.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000042496 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\davcdata.exe
      2018-10-01 13:07 - 2008-04-14 14:00 - 000039936 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hostmib.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000036864 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hanjadic.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000033792 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\controt.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\gzip.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000031744 ____C (SEIKO EPSON CORP.) C:\WINDOWS\system32\dllcache\esucmd.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000031744 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsroute.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000029696 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\admexs.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000029184 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\asptxn.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000026624 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsdrv.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000025856 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\et4000.sys
      2018-10-01 13:07 - 2008-04-14 14:00 - 000024064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\evntcmd.exe
      2018-10-01 13:07 - 2008-04-14 14:00 - 000024064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\compfilt.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000023552 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsmon.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000023552 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsext32.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000021504 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cintlgnt.ime
      2018-10-01 13:07 - 2008-04-14 14:00 - 000020480 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\counters.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0804.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0412.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0411.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt040d.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0404.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0401.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cprofile.exe
      2018-10-01 13:07 - 2008-04-14 14:00 - 000015872 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chgport.exe
      2018-10-01 13:07 - 2008-04-14 14:00 - 000014848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\flattemp.exe
      2018-10-01 13:07 - 2008-04-14 14:00 - 000014336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\exstrace.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000014336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chgusr.exe
      2018-10-01 13:07 - 2008-04-14 14:00 - 000013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chglogon.exe
      2018-10-01 13:07 - 2008-04-14 14:00 - 000011264 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxssend.exe
      2018-10-01 13:07 - 2008-04-14 14:00 - 000010752 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\c_iscii.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000010240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aspperf.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000009728 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\change.exe
      2018-10-01 13:07 - 2008-04-14 14:00 - 000009216 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\authfilt.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000008704 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsperf.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000008192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\staxmem.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000008192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\httpmb51.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000007680 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ftpctrs2.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wamregps.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\f3ahvoas.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsres.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\c_is2022.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ftpmib.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ftlx041e.dll
      2018-10-01 13:07 - 2008-04-14 14:00 - 000006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\admxprox.dll
      2018-10-01 13:07 - 2003-03-24 16:52 - 000618605 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4autl.dll
      2018-10-01 13:07 - 2003-03-24 16:52 - 000094208 ____C C:\WINDOWS\system32\dllcache\fpencode.dll
      2018-10-01 13:07 - 2003-03-24 16:52 - 000032827 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tcptest.exe
      2018-10-01 13:07 - 2003-03-24 16:52 - 000024632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpadmcgi.exe
      2018-10-01 13:07 - 2003-03-24 16:52 - 000020541 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpadmdll.dll
      2018-10-01 13:07 - 2003-03-24 16:52 - 000020536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\shtml.dll
      2018-10-01 13:07 - 2003-03-24 16:52 - 000016437 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\shtml.exe
      2018-10-01 13:07 - 2003-03-24 16:52 - 000016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tcptsat.dll
      2018-10-01 13:07 - 2001-08-17 22:36 - 000045056 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_aqadmin.dll
      2018-10-01 13:07 - 2001-08-17 22:36 - 000043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_fcachdll.dll
      2018-10-01 13:07 - 2001-08-17 22:36 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_adsiisex.dll
      2018-10-01 13:06 - 2018-10-03 14:31 - 000001607 _____ C:\Documents and Settings\All Users\Start Menu\Set Program Access and Defaults.lnk
      2018-10-01 13:06 - 2018-10-03 14:22 - 000023392 _____ C:\WINDOWS\system32\nscompat.tlb
      2018-10-01 13:06 - 2018-10-03 14:22 - 000016832 _____ C:\WINDOWS\system32\amcompat.tlb
      2018-10-01 13:06 - 2018-10-03 14:21 - 000316640 _____ C:\WINDOWS\WMSysPr9.prx
      2018-10-01 13:06 - 2018-10-01 13:19 - 000001006 _____ C:\WINDOWS\OEWABLog.txt
      2018-10-01 13:06 - 2018-10-01 13:06 - 000002577 _____ C:\WINDOWS\system32\CONFIG.NT
      2018-10-01 13:06 - 2018-10-01 13:06 - 000001599 _____ C:\Documents and Settings\Default User\Start Menu\Programs\Remote Assistance.lnk
      2018-10-01 13:06 - 2018-10-01 13:06 - 000000792 _____ C:\Documents and Settings\Default User\Start Menu\Programs\Windows Media Player.lnk
      2018-10-01 13:06 - 2018-10-01 13:06 - 000000398 _____ C:\Documents and Settings\All Users\Start Menu\Windows Catalog.lnk
      2018-10-01 13:06 - 2018-10-01 13:06 - 000000000 __SHD C:\Documents and Settings\Default User\IETldCache
      2018-10-01 13:06 - 2018-10-01 13:06 - 000000000 __RSH C:\MSDOS.SYS
      2018-10-01 13:06 - 2018-10-01 13:06 - 000000000 __RSH C:\IO.SYS
      2018-10-01 13:06 - 2018-10-01 13:06 - 000000000 ____D C:\WINDOWS\system32\xircom
      2018-10-01 13:06 - 2018-10-01 13:06 - 000000000 ____D C:\Program Files\xerox
      2018-10-01 13:06 - 2018-10-01 13:06 - 000000000 ____D C:\Program Files\microsoft frontpage
      2018-10-01 13:06 - 2018-10-01 13:06 - 000000000 _____ C:\WINDOWS\control.ini
      2018-10-01 13:06 - 2018-10-01 13:06 - 000000000 _____ C:\CONFIG.SYS
      2018-10-01 13:06 - 2018-10-01 13:06 - 000000000 _____ C:\AUTOEXEC.BAT
      2018-10-01 13:06 - 2008-04-14 14:00 - 000829440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetmgr.dll
      2018-10-01 13:06 - 2008-04-14 14:00 - 000290816 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\adsiis51.dll
      2018-10-01 13:06 - 2008-04-14 14:00 - 000275968 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\certwiz.ocx
      2018-10-01 13:06 - 2008-04-14 14:00 - 000169984 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iisui.dll
      2018-10-01 13:06 - 2008-04-14 14:00 - 000133632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iisrtl.dll
      2018-10-01 13:06 - 2008-04-14 14:00 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll
      2018-10-01 13:06 - 2008-04-14 14:00 - 000094720 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\certmap.ocx
      2018-10-01 13:06 - 2008-04-14 14:00 - 000076800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\logui.ocx
      2018-10-01 13:06 - 2008-04-14 14:00 - 000076288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cnfgprts.ocx
      2018-10-01 13:06 - 2008-04-14 14:00 - 000068608 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\isatq.dll
      2018-10-01 13:06 - 2008-04-14 14:00 - 000068608 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iisext51.dll
      2018-10-01 13:06 - 2008-04-14 14:00 - 000064512 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iismap.dll
      2018-10-01 13:06 - 2008-04-14 14:00 - 000046592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\coadmin.dll
      2018-10-01 13:06 - 2008-04-14 14:00 - 000043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\admwprox.dll
      2018-10-01 13:06 - 2008-04-14 14:00 - 000030720 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iisrstas.exe
      2018-10-01 13:06 - 2008-04-14 14:00 - 000019968 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetsloc.dll
      2018-10-01 13:06 - 2008-04-14 14:00 - 000014336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iisreset.exe
      2018-10-01 13:06 - 2008-04-14 14:00 - 000013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\infoadmn.dll
      2018-10-01 13:06 - 2008-04-14 14:00 - 000007680 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetmgr.exe
      2018-10-01 13:06 - 2008-04-14 14:00 - 000006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ftpsapi2.dll
      2018-10-01 13:06 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iisrstap.dll
      2018-10-01 13:06 - 2004-05-13 00:39 - 000876653 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4awel.dll
      2018-10-01 13:06 - 2004-05-13 00:39 - 000598071 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpmmc.dll
      2018-10-01 13:06 - 2004-05-13 00:39 - 000184435 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4amsft.dll
      2018-10-01 13:06 - 2003-03-24 16:52 - 000208896 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpmmcsat.dll
      2018-10-01 13:06 - 2003-03-24 16:52 - 000188494 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpcount.exe
      2018-10-01 13:06 - 2003-03-24 16:52 - 000188480 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cfgwiz.exe
      2018-10-01 13:06 - 2003-03-24 16:52 - 000147513 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4apws.dll
      2018-10-01 13:06 - 2003-03-24 16:52 - 000109328 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp98swin.exe
      2018-10-01 13:06 - 2003-03-24 16:52 - 000102509 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4atxt.dll
      2018-10-01 13:06 - 2003-03-24 16:52 - 000082035 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4anscp.dll
      2018-10-01 13:06 - 2003-03-24 16:52 - 000049212 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4awebs.dll
      2018-10-01 13:06 - 2003-03-24 16:52 - 000049210 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4areg.dll
      2018-10-01 13:06 - 2003-03-24 16:52 - 000041020 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4avnb.dll
      2018-10-01 13:06 - 2003-03-24 16:52 - 000032826 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4avss.dll
      2018-10-01 13:06 - 2003-03-24 16:52 - 000020541 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpexedll.dll
      2018-10-01 13:06 - 2003-03-24 16:52 - 000020540 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\author.dll
      2018-10-01 13:06 - 2003-03-24 16:52 - 000020540 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\admin.dll
      2018-10-01 13:06 - 2003-03-24 16:52 - 000020538 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpremadm.exe
      2018-10-01 13:06 - 2003-03-24 16:52 - 000016439 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\author.exe
      2018-10-01 13:06 - 2003-03-24 16:52 - 000016439 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\admin.exe
      2018-10-01 13:06 - 2003-03-24 16:52 - 000014608 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp98sadm.exe
      2018-10-01 13:05 - 2018-10-03 14:21 - 000000000 __SHD C:\Documents and Settings\All Users\DRM
      2018-10-01 13:05 - 2018-10-01 13:05 - 000000000 ____D C:\Program Files\Microsoft CAPICOM 2.1.0.2
      2018-10-01 13:04 - 2018-10-01 13:04 - 000065536 _____ C:\WINDOWS\system32\config\Internet.evt
      2018-10-01 13:04 - 2018-10-01 13:04 - 000000786 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
      2018-10-01 13:04 - 2018-10-01 13:04 - 000000749 ___RH C:\WINDOWS\WindowsShell.Manifest
      2018-10-01 13:04 - 2018-10-01 13:04 - 000000749 ___RH C:\WINDOWS\system32\wuaucpl.cpl.manifest
      2018-10-01 13:04 - 2018-10-01 13:04 - 000000749 ___RH C:\WINDOWS\system32\sapi.cpl.manifest
      2018-10-01 13:04 - 2018-10-01 13:04 - 000000749 ___RH C:\WINDOWS\system32\nwc.cpl.manifest
      2018-10-01 13:04 - 2018-10-01 13:04 - 000000749 ___RH C:\WINDOWS\system32\ncpa.cpl.manifest
      2018-10-01 13:04 - 2018-10-01 13:04 - 000000749 ___RH C:\WINDOWS\system32\cdplayer.exe.manifest
      2018-10-01 13:04 - 2018-10-01 13:04 - 000000488 ___RH C:\WINDOWS\system32\WindowsLogon.manifest
      2018-10-01 13:04 - 2018-10-01 13:04 - 000000488 ___RH C:\WINDOWS\system32\logonui.exe.manifest
      2018-10-01 13:04 - 2018-10-01 13:04 - 000000000 ___HD C:\Program Files\WindowsUpdate
      2018-10-01 13:04 - 2018-10-01 13:04 - 000000000 ____D C:\WINDOWS\system32\DirectX
      2018-10-01 13:04 - 2018-10-01 13:04 - 000000000 ____D C:\Program Files\Online Services
      2018-10-01 13:04 - 2008-04-14 14:00 - 004399505 ____C C:\WINDOWS\system32\dllcache\nls302en.lex
      2018-10-01 13:04 - 2008-04-14 14:00 - 000099840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\helphost.exe
      2018-10-01 13:04 - 2008-04-14 14:00 - 000048680 ___SH C:\WINDOWS\winnt256.bmp
      2018-10-01 13:04 - 2008-04-14 14:00 - 000048680 ___SH C:\WINDOWS\winnt.bmp
      2018-10-01 13:04 - 2008-04-14 14:00 - 000035328 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\notiflag.exe
      2018-10-01 13:04 - 2008-04-14 14:00 - 000021504 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\brpinfo.dll
      2018-10-01 13:04 - 2008-04-14 14:00 - 000011264 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\atrace.dll
      2018-10-01 13:04 - 2008-04-14 14:00 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\atrace.dll
      2018-10-01 13:04 - 2008-04-14 14:00 - 000006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hcappres.dll
      2018-10-01 13:03 - 2018-10-01 13:04 - 000000000 ____D C:\WINDOWS\srchasst
      2018-10-01 13:03 - 2018-10-01 13:03 - 000000000 ____D C:\Program Files\Movie Maker
      2018-10-01 13:03 - 2018-10-01 13:03 - 000000000 ____D C:\Program Files\Common Files\Services
      2018-10-01 13:03 - 2018-10-01 13:03 - 000000000 ____D C:\Program Files\Common Files\MSSoap
      2018-10-01 13:03 - 2014-02-12 16:57 - 000759296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\vgx.dll
      2018-10-01 13:03 - 2014-02-12 16:56 - 001933848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wuaueng.dll
      2018-10-01 13:03 - 2014-02-12 16:56 - 001933848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
      2018-10-01 13:03 - 2014-02-12 16:56 - 000577048 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wuapi.dll
      2018-10-01 13:03 - 2014-02-12 16:56 - 000577048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
      2018-10-01 13:03 - 2014-02-12 16:56 - 000329240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wucltui.dll
      2018-10-01 13:03 - 2014-02-12 16:56 - 000329240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltui.dll
      2018-10-01 13:03 - 2014-02-12 16:56 - 000219160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wuaucpl.cpl
      2018-10-01 13:03 - 2014-02-12 16:56 - 000219160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaucpl.cpl
      2018-10-01 13:03 - 2014-02-12 16:56 - 000210968 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wuweb.dll
      2018-10-01 13:03 - 2014-02-12 16:56 - 000210968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuweb.dll
      2018-10-01 13:03 - 2014-02-12 16:56 - 000194520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wuaueng1.dll
      2018-10-01 13:03 - 2014-02-12 16:56 - 000194520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng1.dll
      2018-10-01 13:03 - 2014-02-12 16:56 - 000172504 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wuauclt1.exe
      2018-10-01 13:03 - 2014-02-12 16:56 - 000172504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt1.exe
      2018-10-01 13:03 - 2014-02-12 16:56 - 000053784 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wuauclt.exe
      2018-10-01 13:03 - 2014-02-12 16:56 - 000053784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
      2018-10-01 13:03 - 2014-02-12 16:56 - 000035864 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wups.dll
      2018-10-01 13:03 - 2014-02-12 16:56 - 000035864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
      2018-10-01 13:03 - 2014-02-12 16:56 - 000023064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wuauserv.dll
      2018-10-01 13:03 - 2014-02-12 16:56 - 000023064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauserv.dll
      2018-10-01 13:03 - 2014-02-12 16:55 - 003558912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\moviemk.exe
      2018-10-01 13:03 - 2008-04-14 14:00 - 004256768 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmm2res.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 003166208 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msgr3en.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000726078 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\srchui.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000502272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmm2fxa.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000409088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\qmgr.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000402432 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmm2filt.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000364544 ____C (Microsoft Corporation (written by Digital Renaissance Inc.)) C:\WINDOWS\system32\dllcache\npdsplay.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000325632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmm2fxb.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000235520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mssoap1.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000226816 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\npdrmv2.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000221184 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmpns.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000167936 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmm2ae.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msg723.acm
      2018-10-01 13:03 - 2008-04-14 14:00 - 000093184 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieinfo5.ocx
      2018-10-01 13:03 - 2008-04-14 14:00 - 000073728 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icwtutor.exe
      2018-10-01 13:03 - 2008-04-14 14:00 - 000064512 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\acctres.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\acctres.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000061440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icwres.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000058434 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\srchctls.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000047104 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\srdiag.exe
      2018-10-01 13:03 - 2008-04-14 14:00 - 000040960 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\trialoc.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000039936 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msinfo32.exe
      2018-10-01 13:03 - 2008-04-14 14:00 - 000025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wisc10.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000023552 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mssoapr.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\qmgrprxy.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgrprxy.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\isignup.exe
      2018-10-01 13:03 - 2008-04-14 14:00 - 000016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icfgnt5.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfgnt5.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000012288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wb32.exe
      2018-10-01 13:03 - 2008-04-14 14:00 - 000012288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\nmevtmsg.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000012288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cb32.exe
      2018-10-01 13:03 - 2008-04-14 14:00 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\nmevtmsg.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000010240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\npwmsdrm.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000008192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bitsprx2.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\bitsprx2.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000007680 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmm2ext.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bitsprx4.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bitsprx3.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bitsprx4.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bitsprx3.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmm2res2.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000004639 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mplayer2.exe
      2018-10-01 13:03 - 2008-04-14 14:00 - 000004096 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmm2eres.dll
      2018-10-01 13:03 - 2008-04-14 14:00 - 000000984 ____C C:\WINDOWS\system32\dllcache\srframe.mmf
      2018-10-01 13:03 - 2005-01-28 13:44 - 000991232 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\migrate.exe
      2018-10-01 13:03 - 2005-01-28 13:44 - 000819200 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\setup_wm.exe
      2018-10-01 13:03 - 2005-01-28 13:44 - 000352256 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mpvis.dll
      2018-10-01 13:03 - 2005-01-28 13:44 - 000077824 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmpband.dll
      2018-10-01 13:03 - 2005-01-28 13:44 - 000073728 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmplayer.exe
      2018-10-01 13:03 - 2005-01-28 13:44 - 000028672 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\custsat.dll
      2018-10-01 13:02 - 2018-10-02 08:44 - 000000000 ____D C:\Program Files\Common Files\System
      2018-10-01 13:02 - 2018-10-01 13:03 - 000000000 ____D C:\Program Files\Outlook Express
      2018-10-01 13:02 - 2018-10-01 13:03 - 000000000 ____D C:\Program Files\NetMeeting
      2018-10-01 13:02 - 2014-02-12 16:57 - 000638816 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iexplore.exe
      2018-10-01 13:02 - 2014-02-12 16:57 - 000068608 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hmmapi.dll
      2018-10-01 13:02 - 2014-02-12 16:56 - 001315328 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msoe.dll
      2018-10-01 13:02 - 2014-02-12 16:56 - 000153088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\triedit.dll
      2018-10-01 13:02 - 2014-02-12 16:56 - 000102400 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msjro.dll
      2018-10-01 13:02 - 2014-02-12 16:56 - 000045568 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wab.exe
      2018-10-01 13:02 - 2014-02-12 16:55 - 000744448 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\helpsvc.exe
      2018-10-01 13:02 - 2014-02-12 16:55 - 000692736 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcomm.dll
      2018-10-01 13:02 - 2014-02-12 16:55 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
      2018-10-01 13:02 - 2014-02-12 16:55 - 000565248 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msado15.dll
      2018-10-01 13:02 - 2014-02-12 16:55 - 000331776 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msadce.dll
      2018-10-01 13:02 - 2014-02-12 16:55 - 000200704 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msadox.dll
      2018-10-01 13:02 - 2014-02-12 16:55 - 000180224 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msadomd.dll
      2018-10-01 13:02 - 2014-02-12 16:55 - 000143360 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msadco.dll
      2018-10-01 13:02 - 2014-02-12 16:55 - 000128512 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dhtmled.ocx
      2018-10-01 13:02 - 2014-02-12 16:55 - 000081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msado27.tlb
      2018-10-01 13:02 - 2014-02-12 16:55 - 000081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\isign32.dll
      2018-10-01 13:02 - 2014-02-12 16:55 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\isign32.dll
      2018-10-01 13:02 - 2014-02-12 16:55 - 000077824 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msado26.tlb
      2018-10-01 13:02 - 2014-02-12 16:55 - 000077824 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msado25.tlb
      2018-10-01 13:02 - 2014-02-12 16:55 - 000061440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msado21.tlb
      2018-10-01 13:02 - 2014-02-12 16:55 - 000061440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msado20.tlb
      2018-10-01 13:02 - 2014-02-12 16:55 - 000057344 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msador15.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 002479616 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msoeres.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 001032192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\conf.exe
      2018-10-01 13:02 - 2008-04-14 14:00 - 000769024 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\helpctr.exe
      2018-10-01 13:02 - 2008-04-14 14:00 - 000565248 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msobmain.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000554008 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dao360.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000510976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wab32.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000487424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\oledb32.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000385024 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\callcont.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000380416 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rstrui.exe
      2018-10-01 13:02 - 2008-04-14 14:00 - 000376832 ____C () C:\WINDOWS\system32\dllcache\msinfo.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000315392 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msdasql.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000274944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstask.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstask.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000274432 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mst120.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000274432 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcfg.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcfg.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000252928 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msoeacct.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msoeacct.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000249856 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wab32res.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000239104 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\srrstr.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000233472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msdaora.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000229376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\nmas.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000221184 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\nac.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000217088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sqlxmlx.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000214528 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icwconn1.exe
      2018-10-01 13:02 - 2008-04-14 14:00 - 000204800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msdaps.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000200704 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msdaprst.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000192512 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\schedsvc.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000188416 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\nmwb.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msh261.drv
      2018-10-01 13:02 - 2008-04-14 14:00 - 000172032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\nmoldwb.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000172032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icwhelp.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000171008 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\srsvc.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\srsvc.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000169984 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msconfig.exe
      2018-10-01 13:02 - 2008-04-14 14:00 - 000155648 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msadds.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000151552 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\nmft.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000150528 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\uploadm.exe
      2018-10-01 13:02 - 2008-04-14 14:00 - 000129792 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fltmgr.sys
      2018-10-01 13:02 - 2008-04-14 14:00 - 000129792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
      2018-10-01 13:02 - 2008-04-14 14:00 - 000122368 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msobcomm.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000118784 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msdarem.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000105984 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msoert2.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msoert2.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000104448 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\oeimport.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000102912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pchshell.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000094208 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msdatl3.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000086528 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\directdb.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000086016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icwconn2.exe
      2018-10-01 13:02 - 2008-04-14 14:00 - 000085504 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wabimp.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\nmchat.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ils.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ils.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000077824 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\nmcom.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000077824 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msdaosp.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000073728 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icwdial.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\icwdial.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000073472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sr.sys
      2018-10-01 13:02 - 2008-04-14 14:00 - 000073472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sr.sys
      2018-10-01 13:02 - 2008-04-14 14:00 - 000073216 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\setup50.exe
      2018-10-01 13:02 - 2008-04-14 14:00 - 000069632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msconf.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msconf.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000067584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\srclient.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000065536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\oledb32r.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000065536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icwphbk.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\icwphbk.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000061440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rrcm.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000061440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msadcf.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000061440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icwconn.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000060416 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\oemig50.exe
      2018-10-01 13:02 - 2008-04-14 14:00 - 000060416 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msimn.exe
      2018-10-01 13:02 - 2008-04-14 14:00 - 000057344 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mst123.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000057344 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msadrh15.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000057344 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\h323cc.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000053248 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msadcs.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000051200 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\oobebaln.exe
      2018-10-01 13:02 - 2008-04-14 14:00 - 000049152 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icwutil.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000048128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetres.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetres.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000045568 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\safrslv.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\safrslv.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000045056 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\confmrsl.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\safrcdlg.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\racpldlg.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\safrcdlg.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\racpldlg.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000040960 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dcap32.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000038400 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pchsvc.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000036864 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msdfmap.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000035328 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\oemiglib.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000034560 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mnmdd.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000034560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mnmdd.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000032768 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wabfind.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000032768 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mnmsrvc.exe
      2018-10-01 13:02 - 2008-04-14 14:00 - 000032768 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icwdl.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000032768 ____C (Intel Corporation) C:\WINDOWS\system32\dllcache\isrdbg32.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mnmsrvc.exe
      2018-10-01 13:02 - 2008-04-14 14:00 - 000032768 _____ (Intel Corporation) C:\WINDOWS\system32\isrdbg32.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000030720 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msobshel.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wabmig.exe
      2018-10-01 13:02 - 2008-04-14 14:00 - 000029696 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\safrdm.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\safrdm.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000029184 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msoobe.exe
      2018-10-01 13:02 - 2008-04-14 14:00 - 000028672 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\nmmkcert.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000028672 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\nmasnt.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\nmmkcert.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000024576 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msxactps.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000024576 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msader15.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000024576 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msaddsr.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000024576 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icwrmind.exe
      2018-10-01 13:02 - 2008-04-14 14:00 - 000023040 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fltmc.exe
      2018-10-01 13:02 - 2008-04-14 14:00 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fltMc.exe
      2018-10-01 13:02 - 2008-04-14 14:00 - 000020480 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msdatt.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000020480 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msadcer.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000020480 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetwiz.exe
      2018-10-01 13:02 - 2008-04-14 14:00 - 000019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msobweb.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000018432 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedw.exe
      2018-10-01 13:02 - 2008-04-14 14:00 - 000018432 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hscupd.exe
      2018-10-01 13:02 - 2008-04-14 14:00 - 000016896 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fltlib.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\fltlib.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msobdl.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msdasqlr.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msdaremr.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msdaprsr.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msdaorar.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msadcor.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msadcfr.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000012288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstinit.exe
      2018-10-01 13:02 - 2008-04-14 14:00 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstinit.exe
      2018-10-01 13:02 - 2008-04-14 14:00 - 000004096 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msdaurl.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000004096 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msdasc.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000004096 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msdaer.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000004096 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msdaenum.dll
      2018-10-01 13:02 - 2008-04-14 14:00 - 000004096 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msdadc.dll
      2018-10-01 13:01 - 2018-10-09 12:37 - 000000599 _____ C:\Documents and Settings\All Users\Start Menu\Microsoft Update Catalog.lnk
      2018-10-01 13:01 - 2018-10-01 13:05 - 000000000 ____D C:\WINDOWS\Registration
      2018-10-01 13:01 - 2018-10-01 13:01 - 000021640 _____ C:\WINDOWS\system32\emptyregdb.dat
      2018-10-01 13:01 - 2018-10-01 13:01 - 000001570 _____ C:\Documents and Settings\All Users\Start Menu\Microsoft Update.lnk
      2018-10-01 13:01 - 2018-10-01 13:01 - 000000037 _____ C:\WINDOWS\vbaddin.ini
      2018-10-01 13:01 - 2018-10-01 13:01 - 000000036 _____ C:\WINDOWS\vb.ini
      2018-10-01 13:01 - 2018-10-01 13:01 - 000000000 ___RD C:\Documents and Settings\All Users\Start Menu\Programs\Games
      2018-10-01 13:01 - 2018-10-01 13:01 - 000000000 ____D C:\Program Files\MSN Gaming Zone
      2018-10-01 13:01 - 2018-10-01 13:01 - 000000000 ____D C:\Program Files\ComPlus Applications
      2018-10-01 13:01 - 2008-04-14 14:00 - 002178131 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\shvlres.dll
      2018-10-01 13:01 - 2008-04-14 14:00 - 001817687 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bckgres.dll
      2018-10-01 13:01 - 2008-04-14 14:00 - 001175635 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hrtzres.dll
      2018-10-01 13:01 - 2008-04-14 14:00 - 001039955 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cmnresm.dll
      2018-10-01 13:01 - 2008-04-14 14:00 - 000780885 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chkrres.dll
      2018-10-01 13:01 - 2008-04-14 14:00 - 000753236 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rvseres.dll
      2018-10-01 13:01 - 2008-04-14 14:00 - 000217160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cmnclim.dll
      2018-10-01 13:01 - 2008-04-14 14:00 - 000113222 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\zoneclim.dll
      2018-10-01 13:01 - 2008-04-14 14:00 - 000082501 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bckg.dll
      2018-10-01 13:01 - 2008-04-14 14:00 - 000066113 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\shvl.dll
      2018-10-01 13:01 - 2008-04-14 14:00 - 000057409 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hrtz.dll
      2018-10-01 13:01 - 2008-04-14 14:00 - 000048706 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rvse.dll
      2018-10-01 13:01 - 2008-04-14 14:00 - 000042577 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bckgzm.exe
      2018-10-01 13:01 - 2008-04-14 14:00 - 000042575 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chkrzm.exe
      2018-10-01 13:01 - 2008-04-14 14:00 - 000042574 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rvsezm.exe
      2018-10-01 13:01 - 2008-04-14 14:00 - 000042573 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\shvlzm.exe
      2018-10-01 13:01 - 2008-04-14 14:00 - 000042573 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hrtzzm.exe
      2018-10-01 13:01 - 2008-04-14 14:00 - 000041029 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\zcorem.dll
      2018-10-01 13:01 - 2008-04-14 14:00 - 000040515 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chkr.dll
      2018-10-01 13:01 - 2008-04-14 14:00 - 000036937 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\zclientm.exe
      2018-10-01 13:01 - 2008-04-14 14:00 - 000032339 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\uniansi.dll
      2018-10-01 13:01 - 2008-04-14 14:00 - 000029760 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\znetm.dll
      2018-10-01 13:01 - 2008-04-14 14:00 - 000013894 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\zonelibm.dll
      2018-10-01 13:01 - 2008-04-14 14:00 - 000005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\write.exe
      2018-10-01 13:01 - 2008-04-14 14:00 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\write.exe
      2018-10-01 13:01 - 2008-04-14 14:00 - 000004677 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\zeeverm.dll
      2018-10-01 13:00 - 2018-10-01 13:01 - 000000000 ____D C:\WINDOWS\system32\MsDtc
      2018-10-01 13:00 - 2018-10-01 13:01 - 000000000 ____D C:\WINDOWS\system32\Com
      2018-10-01 13:00 - 2018-10-01 13:00 - 000000000 ____D C:\Program Files\Windows NT
      2018-10-01 13:00 - 2014-02-12 16:56 - 000453120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmiprvsd.dll
      2018-10-01 13:00 - 2014-02-12 16:56 - 000343040 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mspaint.exe
      2018-10-01 13:00 - 2014-02-12 16:56 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
      2018-10-01 13:00 - 2014-02-12 16:56 - 000299008 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msiprov.dll
      2018-10-01 13:00 - 2014-02-12 16:56 - 000296960 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\termsrv.dll
      2018-10-01 13:00 - 2014-02-12 16:56 - 000296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
      2018-10-01 13:00 - 2014-02-12 16:56 - 000227840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmiprvse.exe
      2018-10-01 13:00 - 2014-02-12 16:56 - 000218112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wordpad.exe
      2018-10-01 13:00 - 2014-02-12 16:56 - 000139784 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rdpwd.sys
      2018-10-01 13:00 - 2014-02-12 16:56 - 000139784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpwd.sys
      2018-10-01 13:00 - 2014-02-12 16:56 - 000092672 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\policman.dll
      2018-10-01 13:00 - 2014-02-12 16:56 - 000091648 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mtxoci.dll
      2018-10-01 13:00 - 2014-02-12 16:56 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
      2018-10-01 13:00 - 2014-02-12 16:56 - 000036864 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tsgqec.dll
      2018-10-01 13:00 - 2014-02-12 16:56 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
      2018-10-01 13:00 - 2014-02-12 16:56 - 000022024 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tdtcp.sys
      2018-10-01 13:00 - 2014-02-12 16:56 - 000022024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdtcp.sys
      2018-10-01 13:00 - 2014-02-12 16:55 - 002691072 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\lhmstscx.dll
      2018-10-01 13:00 - 2014-02-12 16:55 - 002691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
      2018-10-01 13:00 - 2014-02-12 16:55 - 001358336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cimwin32.dll
      2018-10-01 13:00 - 2014-02-12 16:55 - 001034240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\lhmstsc.exe
      2018-10-01 13:00 - 2014-02-12 16:55 - 001034240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
      2018-10-01 13:00 - 2014-02-12 16:55 - 000956928 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msdtctm.dll
      2018-10-01 13:00 - 2014-02-12 16:55 - 000956928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
      2018-10-01 13:00 - 2014-02-12 16:55 - 000473600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fastprox.dll
      2018-10-01 13:00 - 2014-02-12 16:55 - 000428032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msdtcprx.dll
      2018-10-01 13:00 - 2014-02-12 16:55 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
      2018-10-01 13:00 - 2014-02-12 16:55 - 000161792 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msdtcuiu.dll
      2018-10-01 13:00 - 2014-02-12 16:55 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
      2018-10-01 13:00 - 2014-02-12 16:55 - 000131072 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aaclient.dll
      2018-10-01 13:00 - 2014-02-12 16:55 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\aaclient.dll
      2018-10-01 13:00 - 2014-02-12 16:55 - 000058880 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msdtclog.dll
      2018-10-01 13:00 - 2014-02-12 16:55 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtclog.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 001267200 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\comsvcs.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 001267200 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000625664 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\catsrvut.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000605696 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\getuname.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\getuname.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000539648 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\comuid.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\comuid.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000539136 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dialer.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000538624 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\spider.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\spider.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000531456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wbemcore.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000498688 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\clbcatq.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\clbcatq.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000358912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmic.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000347136 _____ (Hilgraeve, Inc.) C:\WINDOWS\system32\hypertrm.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000290304 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rhttpaa.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\rhttpaa.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000281088 ____C (Cinematronics) C:\WINDOWS\system32\dllcache\pinball.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000273920 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wbemess.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000247808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\esscli.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000237056 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\provthrd.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000227840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\avtapi.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\avtapi.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000226304 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\catsrv.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrv.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000214528 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wbemcomn.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000212992 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntevt.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000197120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wbemupgd.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000196608 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmiadap.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000196608 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wbemcntl.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000195072 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\comadmin.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000185344 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\framedyn.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000185344 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cmprops.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmprops.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000184320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\accwiz.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\accwiz.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000178176 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wbemdisp.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000178176 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\repdrvfs.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000167424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\comsnap.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsnap.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000156672 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmipcima.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000147968 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rdchost.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdchost.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000144896 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmisvc.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000144896 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmiprov.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000141312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sessmgr.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\sessmgr.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000140800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmidcprv.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000138752 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sndvol32.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sndvol32.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000132096 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmipdskq.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000131584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\viewprov.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000131584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sndrec32.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sndrec32.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000126976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshearts.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshearts.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000126464 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmiapsrv.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000123904 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mofd.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000123392 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mplay32.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mplay32.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000120320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dsprov.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000119808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winmine.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmine.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000116224 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wbemtest.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000116224 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\updprov.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000114688 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\calc.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000110592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\clbcatex.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\clbcatex.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000102912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\clipbrd.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\clipbrd.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\comrepl.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\comrepl.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000095232 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmiutils.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000093702 _____ C:\WINDOWS\system32\subrange.uce
      2018-10-01 13:00 - 2008-04-14 14:00 - 000093696 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tscfgwmi.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscfgwmi.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000088576 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmiaprpl.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000087176 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rdpwsx.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000087176 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpwsx.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000086528 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\stdprov.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000085504 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\catsrvps.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000080384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\charmap.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\charmap.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000075264 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmipicmp.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000073216 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\avwav.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\avwav.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000071680 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wbemcons.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000068608 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\access.cpl
      2018-10-01 13:00 - 2008-04-14 14:00 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\access.cpl
      2018-10-01 13:00 - 2008-04-14 14:00 - 000067072 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rdshost.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdshost.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000065978 _____ C:\WINDOWS\Soap Bubbles.bmp
      2018-10-01 13:00 - 2008-04-14 14:00 - 000065954 _____ C:\WINDOWS\Prairie Wind.bmp
      2018-10-01 13:00 - 2008-04-14 14:00 - 000065832 _____ C:\WINDOWS\Santa Fe Stucco.bmp
      2018-10-01 13:00 - 2008-04-14 14:00 - 000063488 _____ C:\WINDOWS\system32\wmimgmt.msc
      2018-10-01 13:00 - 2008-04-14 14:00 - 000062976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rdpclip.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000062464 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmipjobj.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000061952 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmipiprt.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000061952 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tmplprov.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000061440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmimsg.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000060928 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmicookr.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000060458 _____ C:\WINDOWS\system32\ideograf.uce
      2018-10-01 13:00 - 2008-04-14 14:00 - 000060416 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\remotepg.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000060416 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\colbact.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remotepg.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\colbact.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000059904 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wbemdisp.tlb
      2018-10-01 13:00 - 2008-04-14 14:00 - 000059904 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\trnsprov.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000059392 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\stclient.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\stclient.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000058880 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\licwmi.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\licwmi.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000056832 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sol.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\sol.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000056320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\servdeps.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\servdeps.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\freecell.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\freecell.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000053248 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fwdprov.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000052224 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmitimep.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000047104 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ncprov.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000045568 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmi2xml.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000044544 _____ (Hilgraeve, Inc.) C:\WINDOWS\system32\hticons.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wbemsvc.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000041472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmipsess.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000040960 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smtpcons.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000038912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cfgbkend.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000036352 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\scrcons.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000035328 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winchat.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winchat.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000034304 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mtxlegih.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxlegih.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000033792 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\regini.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\regini.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000031232 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wbemads.tlb
      2018-10-01 13:00 - 2008-04-14 14:00 - 000030720 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mtxdm.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxdm.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000028160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\comaddin.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comaddin.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000026680 _____ C:\WINDOWS\River Sumida.bmp
      2018-10-01 13:00 - 2008-04-14 14:00 - 000026582 _____ C:\WINDOWS\Greenstone.bmp
      2018-10-01 13:00 - 2008-04-14 14:00 - 000024576 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\krnlprov.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000024006 _____ C:\WINDOWS\system32\gb2312.uce
      2018-10-01 13:00 - 2008-04-14 14:00 - 000022984 _____ C:\WINDOWS\system32\bopomofo.uce
      2018-10-01 13:00 - 2008-04-14 14:00 - 000022016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\qwinsta.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\qwinsta.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000020992 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msg.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msg.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000019968 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rdpsnd.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000019968 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\qprocess.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsnd.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\qprocess.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mtsadmin.tlb
      2018-10-01 13:00 - 2008-04-14 14:00 - 000018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wbemprox.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000017408 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mmfutil.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmfutil.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000017362 _____ C:\WINDOWS\Rhododendron.bmp
      2018-10-01 13:00 - 2008-04-14 14:00 - 000017336 _____ C:\WINDOWS\Gone Fishing.bmp
      2018-10-01 13:00 - 2008-04-14 14:00 - 000017062 _____ C:\WINDOWS\Coffee Bean.bmp
      2018-10-01 13:00 - 2008-04-14 14:00 - 000016896 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\unsecapp.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000016896 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tsshutdn.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000016896 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\qappsrv.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsshutdn.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\qappsrv.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000016740 _____ C:\WINDOWS\system32\shiftjis.uce
      2018-10-01 13:00 - 2008-04-14 14:00 - 000016730 _____ C:\WINDOWS\FeatherTexture.bmp
      2018-10-01 13:00 - 2008-04-14 14:00 - 000016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winmgmtr.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tskill.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mofcomp.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\avmeter.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\tskill.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\avmeter.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000015872 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rwinsta.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000015872 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cdmodem.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rwinsta.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdmodem.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000015360 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\logoff.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoff.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000014848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tsdiscon.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000014848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tscon.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000014848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\shadow.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsdiscon.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscon.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\shadow.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000013824 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rdsaddin.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsaddin.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winmgmt.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000013312 ____C (Hilgraeve, Inc.) C:\WINDOWS\system32\dllcache\htrn_jis.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000013223 _____ C:\WINDOWS\system32\tslabels.ini
      2018-10-01 13:00 - 2008-04-14 14:00 - 000012876 _____ C:\WINDOWS\system32\korean.uce
      2018-10-01 13:00 - 2008-04-14 14:00 - 000012288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wbemads.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000012040 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tdpipe.sys
      2018-10-01 13:00 - 2008-04-14 14:00 - 000012040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdpipe.sys
      2018-10-01 13:00 - 2008-04-14 14:00 - 000011776 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xolehlp.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\xolehlp.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000011264 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icaapi.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\icaapi.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000009728 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\reset.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000009728 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\comrepl.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\reset.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000009522 _____ C:\WINDOWS\Zapotec.bmp
      2018-10-01 13:00 - 2008-04-14 14:00 - 000008484 _____ C:\WINDOWS\system32\kanji_2.uce
      2018-10-01 13:00 - 2008-04-14 14:00 - 000006948 _____ C:\WINDOWS\system32\kanji_1.uce
      2018-10-01 13:00 - 2008-04-14 14:00 - 000006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmiapres.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msdtc.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dcomcnfg.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\comrereg.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtc.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomcnfg.exe
      2018-10-01 13:00 - 2008-04-14 14:00 - 000004096 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rdpcfgex.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000004096 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mtxex.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcfgex.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxex.dll
      2018-10-01 13:00 - 2008-04-14 14:00 - 000003286 _____ C:\WINDOWS\system32\tslabels.h
      2018-10-01 13:00 - 2008-04-14 14:00 - 000001931 _____ C:\WINDOWS\system32\msdtcprf.ini
      2018-10-01 13:00 - 2008-04-14 14:00 - 000001272 _____ C:\WINDOWS\Blue Lace 16.bmp
      2018-10-01 13:00 - 2008-04-14 14:00 - 000001161 _____ C:\WINDOWS\system32\usrlogon.cmd
      2018-10-01 13:00 - 2008-04-14 14:00 - 000000768 _____ C:\WINDOWS\system32\msdtcprf.h
      2018-10-01 12:59 - 2009-09-04 16:43 - 000195712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
      2018-10-01 12:59 - 2008-04-14 03:43 - 000040840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\termdd.sys
      ==================== One Month Modified files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-10-09 08:47 - 2008-04-14 14:00 - 000000573 _____ C:\WINDOWS\win.ini
      2018-10-09 08:47 - 2008-04-14 14:00 - 000000227 _____ C:\WINDOWS\system.ini
      2018-10-05 08:55 - 2008-04-14 14:00 - 000842240 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
      2018-10-05 08:55 - 2008-04-14 14:00 - 000175104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
      2018-10-03 10:08 - 2008-04-14 14:00 - 000002206 _____ C:\WINDOWS\system32\wpa.dbl
      ==================== Files in the root of some directories =======
      2018-10-01 13:33 - 2018-10-07 09:14 - 000006144 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      Some files in TEMP:
      ====================
      2018-10-08 13:13 - 2018-10-08 13:14 - 013604352 _____ (Reimage) C:\Documents and Settings\Administrator\Local Settings\Temp\ReimagePackage.exe
      2002-07-15 21:43 - 2002-07-15 21:43 - 000052736 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\sfextra.dll
      ==================== Bamital & volsnap ======================
      (There is no automatic fix for files that do not pass verification.)
      C:\WINDOWS\explorer.exe => File is digitally signed
      C:\WINDOWS\system32\winlogon.exe => File is digitally signed
      C:\WINDOWS\system32\svchost.exe => File is digitally signed
      C:\WINDOWS\system32\services.exe => File is digitally signed
      C:\WINDOWS\system32\User32.dll => File is digitally signed
      C:\WINDOWS\system32\userinit.exe => File is digitally signed
      C:\WINDOWS\system32\rpcss.dll => File is digitally signed
      C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
      C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
      ==================== End of FRST.txt ============================
      Addition.txt
  • Дарение

×

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите условия за ползване.